[Freeipa-users] Issue IPA: AD Users and IPA Users when using SSS/LDAP with SUDO
Aly Khimji
aly.khimji at gmail.com
Wed Apr 24 17:20:15 UTC 2013
Hey,
Thanks for the quick reply.
See below
Client
login as: btest at corpnonprd
btest at corpnonprd@10.137.216.163's password:
Your password will expire in 8908 day(s).
Last login: Wed Apr 24 11:13:47 2013 from 10.110.124.80
Could not chdir to home directory /home/CorpNonPrd.xxxx.com/btest: No such
file or directory
-sh-4.1$ id
uid=59401108(btest at corpnonprd.xxxx.com) gid=59401108(
btest at corpnonprd.xxxx.com)
groups=59401108(btest at corpnonprd.xxxx.com),59400512(domain
admins at corpnonprd.xxxx.com),59400513(domain users at corpnonprd.xxxx.com
),59401113(seca at corpnonprd.xxxx.com),818800006(ad_admins)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
-sh-4.1$ sudo -l
[sudo] password for btest at corpnonprd.xxxx.com:
Your password will expire in 8908 day(s).
User btest at corpnonprd.xxxx.com is not allowed to run sudo on rhidmclient.
-sh-4.1$
Logs
(I cleared the logs so the logs below are only the the above actions -
login, id, sudo -l)
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4097][1][name=btest]
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_resolve_server_process] (0x0200): Found address for server
didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_resolve_server_process] (0x0200): Found address for server
didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sasl_bind_send] (0x0100): Executing sasl bind mech: GSSAPI, user: host/
rhidmclient.nix.corpnonprd.xxxx.com
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[child_sig_handler] (0x0100): child [6032] finished successfully.
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
didmsvrua01.nix.corpnonprd.xxxx.com' as 'working'
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[set_server_common_status] (0x0100): Marking server '
didmsvrua01.nix.corpnonprd.xxxx.com' as 'working'
(Wed Apr 24 13:07:15 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_AUTHENTICATE
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sshd
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: ssh
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser:
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost: 10.110.124.80
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 1
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 11
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 1
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6030
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[check_for_valid_tgt] (0x0020): krb5_cc_retrieve_cred failed.
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_resolve_server_process] (0x0200): Found address for server
didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200
(Wed Apr 24 13:07:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[krb5_find_ccache_step] (0x0080): Saved ccache
FILE:/tmp/krb5cc_59401108_Qv9FNY if of different type than ccache in
configuration file, reusing the old ccache
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
didmsvrua01.nix.corpnonprd.xxxx.com' as 'working'
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[set_server_common_status] (0x0100): Marking server '
didmsvrua01.nix.corpnonprd.xxxx.com' as 'working'
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>)
[Success]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sent result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[child_sig_handler] (0x0100): child [6033] finished successfully.
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_ACCT_MGMT
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sshd
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: ssh
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser:
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost: 10.110.124.80
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 1
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6030
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[ipa_hostgroup_info_done] (0x0200): No host groups were dereferenced
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[ipa_hbac_evaluate_rules] (0x0080): Access granted by HBAC rule [test_HBAC]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>)
[Success]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sss_selinux_extract_user] (0x0040): sysdb_search_user_by_name failed.
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[ipa_selinux_handler] (0x0040): Cannot create op context
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Backend returned: (3, 4, <NULL>)
[Internal Error (System error)]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sent result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4099][1][name=btest]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_SETCRED
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sshd
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: ssh
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser:
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost: 10.110.124.80
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 1
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6030
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_OPEN_SESSION
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sshd
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: ssh
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser:
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost: 10.110.124.80
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 1
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6030
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4099][1][name=btest]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_SETCRED
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sshd
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: ssh
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser:
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost: 10.110.124.80
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 0
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6035
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4098][1][idnumber=59401108]
(Wed Apr 24 13:07:19 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4098][1][idnumber=59400512]
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4098][1][idnumber=59400513]
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [4098][1][idnumber=59401113]
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for
[4098][1][idnumber=818800006]
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sdap_nested_get_user_send] (0x0080): Couldn't parse out user information
based on DN (null), falling back to an LDAP lookup
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sdap_save_grpmem] (0x0040): Failed to save user ad_admins
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sdap_save_groups] (0x0040): Failed to store group 0 members.
(Wed Apr 24 13:07:20 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Wed Apr 24 13:07:32 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:32 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:32 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:32 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_AUTHENTICATE
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sudo
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: /dev/pts/5
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser: btest at corpnonprd.xxxx.com
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost:
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 1
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 11
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6061
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[check_for_valid_tgt] (0x0020): krb5_cc_retrieve_cred failed.
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_resolve_server_process] (0x0200): Found address for server
didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[krb5_find_ccache_step] (0x0080): Saved ccache
FILE:/tmp/krb5cc_59401108_Qv9FNY if of different type than ccache in
configuration file, reusing the old ccache
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
didmsvrua01.nix.corpnonprd.xxxx.com' as 'working'
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[set_server_common_status] (0x0100): Marking server '
didmsvrua01.nix.corpnonprd.xxxx.com' as 'working'
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>)
[Success]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sent result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[child_sig_handler] (0x0100): child [6062] finished successfully.
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler] (0x0100): Got request with the following data
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): command: PAM_ACCT_MGMT
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): user: btest at CorpNonPrd.xxxx.com
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): service: sudo
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): tty: /dev/pts/5
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): ruser: btest at corpnonprd.xxxx.com
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): rhost:
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok type: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): authtok size: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok type: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): newauthtok size: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): priv: 0
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[pam_print_data] (0x0100): cli_pid: 6061
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[ipa_hostgroup_info_done] (0x0200): No host groups were dereferenced
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[ipa_hbac_evaluate_rules] (0x0080): Access granted by HBAC rule [test_HBAC]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>)
[Success]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sss_selinux_extract_user] (0x0040): sysdb_search_user_by_name failed.
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[ipa_selinux_handler] (0x0040): Cannot create op context
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Backend returned: (3, 4, <NULL>)
[Internal Error (System error)]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sending result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_pam_handler_callback] (0x0100): Sent result [0][CorpNonPrd.xxxx.com]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_get_account_info] (0x0100): Got request for [3][1][name=btest]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup
failed
(Wed Apr 24 13:07:48 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[sbus_dispatch] (0x0080): Connection is not open for dispatching.
(Wed Apr 24 13:07:48 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[be_client_destructor] (0x0020): Unknown client removed ...
(Wed Apr 24 13:07:48 2013) [sssd[be[nix.corpnonprd.xxxx.com]]]
[remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/
kpasswdinfo.NIX.CORPNONPRD.xxxx.COM], [2][No such file or directory]
Thx
Aly
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130424/bf15525c/attachment.htm>
More information about the Freeipa-users
mailing list