[Freeipa-users] su: [ID 219349 auth.debug] pam_unix_auth: user craig not found (Solaris 10 IPA client)

[Rob Crittenden]

freeipa at noboost.org wrote:
> Hi All,
>
> I'm sooo close to getting my Solaris 10 (SPARC) client to work with IPA
>
> Server:
> - Red Hat Enterprise Linux Server release 6.2
> ipa-admintools-2.1.3-9.el6.x86_64
> ipa-client-2.1.3-9.el6.x86_64
> ipa-pki-ca-theme-9.0.3-7.el6.noarch
> ipa-pki-common-theme-9.0.3-7.el6.noarch
> ipa-python-2.1.3-9.el6.x86_64
> ipa-server-2.1.3-9.el6.x86_64
> ipa-server-selinux-2.1.3-9.el6.x86_64
>
>
> Client:
> Solaris 10 - Sparc
> SunOS lyra 5.10 Generic_141414-02 sun4u sparc SUNW,Sun-Fire-V210
>
>
> Issue:
> On ssh login, /var/log/authlog reports "user not found"
>
> ------------------------------------------------------------------------
> FILE: /var/log/authlog
> Jun  5 12:07:11 lyra sshd[1250]: [ID 525286 auth.debug] PAM-KRB5 (auth):
> end: Success
> Jun  5 12:07:11 lyra sshd[1250]: [ID 896952 auth.debug] pam_unix_auth:
> entering pam_sm_authenticate()
> Jun  5 12:07:11 lyra sshd[1250]: [ID 219349 auth.debug] pam_unix_auth:
> user craig not found
> Jun  5 12:07:11 lyra sshd[1250]: [ID 800047 auth.info]
> Keyboard-interactive (PAM) userauth failed[13] while authenticating: No
> account present for user
> Jun  5 12:07:11 lyra sshd[1250]: [ID 800047 auth.notice] Failed
> keyboard-interactive for craig from 192.168.0.103 port 48658 ssh2
> ------------------------------------------------------------------------
>
> - Additionally, I can log in via "su - craig" from a root account, but not
> when auth is required.
>
> -bash-3.00$ su - craig
> Password:
> su: Unknown id: craig
>
> getent even works;
> # getent passwd craig
> craig:*:343:135:Craig:/home/craig:/bin/bash
>
> Plus kerberos works, when simply running `kinit craig`.
>
>
>
> Any tips??

What have you done so far to configure the machine?

rob