[Freeipa-users] Problems with FreeIPA-client configuration on OpenSUSE 12.2

Jakub Hrozek jhrozek at redhat.com
Thu Dec 5 08:49:11 UTC 2013 

On Thu, Dec 05, 2013 at 12:02:12PM +0400, Прохоров Сергей wrote:
> 
> Hello community, I have problems with FreeIPA-client configuration
> on OpenSUSE 12.2, and I think I can't fix it without your help. I
> have following errors in my /var/log/messages, when I try login in
> by freeipa account:
> 
> ############################################################
> Dec  2 18:21:24 linux-l3wy sshd[12481]: Invalid user admin from
> 192.168.0.159
> Dec  2 18:21:24 linux-l3wy sshd[12481]: input_userauth_request:
> invalid user admin [preauth]
> Dec  2 18:21:24 linux-l3wy sssd_be: No worthy mechs found
> Dec  2 18:21:24 linux-l3wy sshd[12481]: Postponed
> keyboard-interactive for invalid user admin from 192.168.0.159 port
> 38175 ssh2 [preauth]
> Dec  2 18:21:41 linux-l3wy sshd[12484]: pam_sss(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=192.168.0.159 user=admin
> Dec  2 18:21:41 linux-l3wy sshd[12484]: pam_sss(sshd:auth): received
> for user admin: 10 (User not known to the underlying authentication
> module)
> Dec  2 18:21:41 linux-l3wy sshd[12481]: error: PAM: User not known
> to the underlying authentication module for illegal user admin from
> 192.168.0.159
> Dec  2 18:21:41 linux-l3wy sshd[12481]: Failed
> keyboard-interactive/pam for invalid user admin from 192.168.0.159
> port 38175 ssh2
> Dec  2 18:21:41 linux-l3wy sshd[12481]: Postponed
> keyboard-interactive for invalid user admin from 192.168.0.159 port
> 38175 ssh2 [preauth]
> Dec  2 18:21:50 linux-l3wy sshd[12481]: Connection closed by
> 192.168.0.159 [preauth]
> ############################################################

Hi Sergey,

are you able to run "getent passwd admin" from the command line? SSH is
complaining that admin is not a known account.

I suspect that for whatevet reason the sssd is unable to connect to the
IPA servers. getent passwd admin or id admin don't return anything, you
should put debug_level=6 into the [domain] section, restart sssd and
then check out /var/log/sssd/sssd_example.com log.

More information about the Freeipa-users mailing list