I'm using sssd and it seems to work fine for us.
Here is my /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_sss.so use_first_pass
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_sss.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass
use_authtok
password sufficient pam_sss.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session required pam_unix.so
session optional pam_sss.so
You may also want to check your /etc/nsswitch.conf
Karl
On 2013-04-17 10:32 AM, Rodenhiser, Greg wrote:
Has anyone actually gotten SRSS to run on Redhat Enterprise 6,
64-bit?? If so, do you have a step by step?? I'm real close, but
something must be missing. We're hitting a huge frustration point with
this. Running on Redhat is a must (Oracle Linux won't do). Here's what
I did:
-Install/patch RHEL 6 64bit
-Install GDM mutliseat from Oracle Linux GDM multiseat yum repo
-Intall latest sros (firmware)
-Install latest srss 5.4
-Reboot
-After several manual fixes I can get the Sunray web admin to work and
I enable mobile sessions and the Oracle Virtual client
Using the Oracle virtual client on my Mac and can connect and get the
login screen and log in (but not as root or an LDAP user, only local
users). However the desktop never comes up after a successful login,
it just hangs. My messages log shows the following:
Apr 17 11:20:28 radius utxinit@dpy11: Errors from xkbcomp are not
fatal to the X server
Apr 17 11:20:28 radius nscloginGUI: Error opening catalog nscloginGUI
Apr 17 11:20:28 radius nscloginGUI: pam_sunray_amgh::[DPY=11]
AMGH_SUMMARY: token=mobile.MD5-a8227903c0b4ebc0696d101ff8388ff5,
username=greg, AMGH_Done?=NO(Local Session), Details=AMGH is not
configured., AMGH_Target=*NONE*
Apr 17 11:20:48 radius utxinit@dpy11: newtLoadKbdMap(): Could not load
xkb map names for 97
Apr 17 11:20:48 radius utxinit@dpy11: newtKbdEnqueueEvent: failed to
load keymap for 97.
Apr 17 11:20:48 radius utxinit@dpy11: newtKbdEnqueueEvent: defaulting
to initial keymap.
Apr 17 11:21:06 radius utxinit@dpy11: kill 4919: No such process
Apr 17 11:21:06 radius utxinit@dpy11: kill 4920: No such process
Apr 17 11:21:06 radius utdtsession: Delete
(11,mobile.MD5-a8227903c0b4ebc0696d101ff8388ff5)
Apr 17 11:21:06 radius utauthd: SessionManager0 NOTICE: EMPTY: ACTIVE
session
Apr 17 11:21:06 radius utauthd: Terminator NOTICE: DISCONNECT
MD5.a8227903c0b4ebc0696d101ff8388ff5,
mobile.MD5-a8227903c0b4ebc0696d101ff8388ff5 session terminated
Apr 17 11:21:06 radius utauthd: Terminator NOTICE: DESTROY
mobile.MD5-a8227903c0b4ebc0696d101ff8388ff5 lifetime=40199
Apr 17 11:21:06 radius utauthd: SessionManager0 NOTICE: TERMINATE:
inactive session
Apr 17 11:21:06 radius utauthd: Worker7 NOTICE: CLAIMED by
StartSession.m8 NAME: auth.greg PARAMETERS: {savedType=auth,
terminalIPA=10.96.187.235, type=auth, username=greg,
state=disconnected, cause=insert, doamgh=false, lockaction=disconnect,
rawId=a8227903c0b4ebc0696d101ff8388ff5,
terminalCID=MD5.a8227903c0b4ebc0696d101ff8388ff5, MTU=1500,
auth=true:login, tokenSeq=2, firstServer=0a6cc17b, namespace=MD5,
keyTypes=dsa-sha1-x1,dsa-sha1, currentMod=7,
sw=Oracle:SunRayS1:Darwin:3.1.1, id=greg,
clientRand=.outzeT/Xlztx9tnqwgbpfrNcRaLO58rD/1Lq7dhzyq,
realIP=0a60bbeb, startRes=1152x720:1152x720, quicklogin=true,
useReal=true, event=insert, sn=a8227903c0b4ebc0696d101ff8388ff5,
savedId=greg, rawType=pseudo, clientKeyStatus=autoconfirmed,
hw=SunRayS1, initState=1, _=1}
Apr 17 11:21:06 radius utauthd: Worker7 NOTICE: CONNECT
MD5.a8227903c0b4ebc0696d101ff8388ff5, auth.greg, all connections allowed
Apr 17 11:21:08 radius utauthd: Worker5 NOTICE: MTU = 1500
Apr 17 11:21:08 radius utdtsession: Add (11,auth.greg,normal)
Apr 17 11:21:09 radius utauthd: Worker5 NOTICE: SESSION_OK auth.greg
Apr 17 11:21:14 radius utxconfig: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:14 radius utxsun: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:14 radius utxsun:
Apr 17 11:21:14 radius utxsun: Can not determine token ID
Apr 17 11:21:19 radius utxconfig: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:19 radius utxsun: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:19 radius utxsun:
Apr 17 11:21:19 radius utxsun: Can not determine token ID
Apr 17 11:21:24 radius utxconfig: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:24 radius utxsun: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:24 radius utxsun:
Apr 17 11:21:24 radius utxsun: Can not determine token ID
Apr 17 11:21:29 radius utxconfig: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:29 radius utxsun: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:29 radius utxsun:
Apr 17 11:21:29 radius utxsun: Can not determine token ID
Apr 17 11:21:34 radius utxconfig: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:34 radius utxsun: Error: could not open file
'/var/opt/SUNWut/displays/11' for reading.
Apr 17 11:21:34 radius utxsun:
Apr 17 11:21:34 radius utxsun: Can not determine token ID
Apr 17 11:21:34 radius gdm-binary[3259]: WARNING: GdmDisplay: Display
/org/gnome/DisplayManager/Display2 failed 5 times in 25.000000
seconds, no longer managing display
Apr 17 11:26:50 radius utauthd: Worker3 NOTICE: readMessage::socket
looping limit exceeded.Close it.
Apr 17 11:26:50 radius utauthd: Worker3 NOTICE: DISCONNECT
MD5.a8227903c0b4ebc0696d101ff8388ff5, auth.greg destroy
Apr 17 11:26:50 radius utauthd: SessionManager0 NOTICE: TERMINATE:
ACTIVE session
Apr 17 11:26:50 radius utauthd: Worker3 NOTICE: DESTROY auth.greg
lifetime=343411
--
Greg Rodenhiser
Technical Services Engineer
College of the Holy Cross
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
CONFIDENTIALITY NOTICE: This communication (including all attachments) is
confidential and is intended for the use of the named addressee(s) only and
may contain information that is private, confidential, privileged, and
exempt from disclosure under law. All rights to privilege are expressly
claimed and reserved and are not waived. Any use, dissemination,
distribution, copying or disclosure of this message and any attachments, in
whole or in part, by anyone other than the intended recipient(s) is strictly
prohibited. If you have received this communication in error, please notify
the sender immediately, delete this communication from all data storage
devices and destroy all hard copies.
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
