[Freeipa-users] select users cannot sudo or login at the console
Jakub Hrozek
jhrozek at redhat.com
Fri Dec 7 15:15:02 UTC 2012
On Fri, Dec 07, 2012 at 09:33:22AM -0500, Rob Crittenden wrote:
> Albert Adams wrote:
> >Rob,
> >There are no HBAC rules defined other than the default "allow_all" rule
> >which has not been customized. It is a vanilla instal at this point. I
> >have not added anything other than the replica, a few clients, one user
> >group and the users to the system.
>
> Ok. I would update the sssd debug level and restart it, then try the
> login again. On system2 are you able to use nss tools to identify
> IPA users (id, getent, etc)?
>
> rob
>
Please also check out /var/log/secure. Is pam_sss mentioned at all? What
are the messages coming from pam_sss ?
More information about the Freeipa-users
mailing list