Hello, We are experiencing an issue with a user when they attempt to login. Other users can continue to login. It does seem to repeat on this specific user.
If I blitz the SSSD cache and restart it, then they find they can login again. They indicated that just prior to the event, they were forced to reboot their machine (i.e. unclean disconnect) and it was after that they couldn’t login. This was the successful session just before: Jun 17 08:00:58 server sshd[11882]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=<CLIENTIP> user=username Jun 17 08:00:58 server sshd[11882]: Accepted password for username from <CLIENTIP> port 59680 ssh2 Jun 17 08:00:59 server sshd[11882]: pam_unix(sshd:session): session opened for user username by (uid=0) Jun 17 13:22:17 server sshd[11882]: pam_unix(sshd:session): session closed for user username The next session which failed: Jun 17 13:33:13 server sshd[13210]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=<CLIENTIP> user=username Jun 17 13:33:13 server sshd[13210]: pam_sss(sshd:account): Access denied for user username: 4 (System error) Jun 17 13:33:13 server sshd[13210]: Failed password for username from <CLIENTIP> port 50114 ssh2 Jun 17 13:33:13 server sshd[13210]: fatal: Access denied for user username by PAM account configuration [preauth] There does not look to be any additional log information in SSSD representing the error. The troubleshooting suggested I follow up here for “system error 4”. It would be tricky to run debug on this, as this took 4 days until the failure reappeared and we might fill our log space very quickly. Thanks Mark ------------------------------------------------------------------------ Mark Sangster Server Infrastructure Specialist Information Technology Services | University of Aberdeen t: +44 (0)1224 27-3315 | e: [email protected]<mailto:[email protected]> | u: http://www.abdn.ac.uk/it/ The University of Aberdeen is a charity registered in Scotland, No SC013683. Tha Oilthigh Obar Dheathain na charthannas clàraichte ann an Alba, Àir. SC013683.
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
