[Freeipa-users] HBAC rules not working
Steven Jones
Steven.Jones at vuw.ac.nz
Thu Nov 24 20:21:18 UTC 2011
I went debug_level 3
I am getting access denied by hbac rules
Screenshot from the log incl.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: Rob Crittenden [rcritten at redhat.com]
Sent: Thursday, 24 November 2011 6:42 p.m.
To: Steven Jones
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] HBAC rules not working
Steven Jones wrote:
> When I add a host to the hbac rule and not a host group I can login....
>
> Something is wrong with the host group(s).....damned if I can see what.
I'd bump up debugging in sssd (sssd.conf (5)) on the server you're
logging into. It should tell you the evaluation it is making and why it
is failing. You'll need to restart sssd after adding debug_level.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipa-hbac-error-01.jpeg
Type: image/jpeg
Size: 41332 bytes
Desc: ipa-hbac-error-01.jpeg
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111124/66cbb676/attachment.jpeg>
More information about the Freeipa-users
mailing list