[Freeipa-users] Unable to login where previously OK

[Steven Jones]

screenshot of secure log.


regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Jakub Hrozek [jhrozek at redhat.com]
Sent: Thursday, 12 April 2012 7:47 p.m.
To: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] Unable to login where previously OK

On Thu, Apr 12, 2012 at 04:09:20AM +0000, Steven Jones wrote:
> Hi,
>
> I have a user, myself that used to be able to login to a specific IPA client / host but I am no longer able to....
>
> The /var/log/secure log  appears to be telling me my password is wrong, so I reset it in IPA, but on initial login I cant put in the temp password and then reset it....I still get denied. I am also having a similar problem for a new user....
>
> So I went to another client/host and I can login and set a new password...so IPA looks to be OK....so its either a rule or the client/host is broken....
>
> next I went into the allow_all HBAC policy and turned it back on but I am still denied.....
>
> So where do I look for a specific failure msg to tell me the issue?  I assume its the host/client side....
>

Can you paste what /var/log/secure or /var/log/messages had to say? If
there is nothing to trace the error with, can you enable debugging(*) in SSSD
and paste the relevant contents of the SSSD log?

(*) put debug_level=6 or higher into the [domain/*] section of the SSSD,
service sssd restart, retry the login

_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh-fault-01.jpeg
Type: image/jpeg
Size: 112773 bytes
Desc: ssh-fault-01.jpeg
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120412/d08292ab/attachment.jpeg>