[Freeipa-users] HBAC rules not working
Steven Jones
Steven.Jones at vuw.ac.nz
Thu Nov 24 22:34:21 UTC 2011
Hi,
I have created a brand new workstation, brand new user group and brand new host group.....when I go to create a HBAC rule the user group fails to appear......
So it looks like the ipa setup is broken.....terminally.....?
:/
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Steven Jones [Steven.Jones at vuw.ac.nz]
Sent: Friday, 25 November 2011 9:21 a.m.
To: Rob Crittenden
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] HBAC rules not working
I went debug_level 3
I am getting access denied by hbac rules
Screenshot from the log incl.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: Rob Crittenden [rcritten at redhat.com]
Sent: Thursday, 24 November 2011 6:42 p.m.
To: Steven Jones
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] HBAC rules not working
Steven Jones wrote:
> When I add a host to the hbac rule and not a host group I can login....
>
> Something is wrong with the host group(s).....damned if I can see what.
I'd bump up debugging in sssd (sssd.conf (5)) on the server you're
logging into. It should tell you the evaluation it is making and why it
is failing. You'll need to restart sssd after adding debug_level.
rob
More information about the Freeipa-users
mailing list