[Freeipa-users] Trusted AD Users login via gdm
Leah Zimmermann
leah_zimmermann at web.de
Wed Jun 12 12:04:33 UTC 2013
Am 12.06.2013 12:03, schrieb Sumit Bose:
> On Wed, Jun 12, 2013 at 11:42:23AM +0200, Leah Zimmermann wrote:
>> Dear List Members,
>>
>> I have a FreeIPA-Domain on a CentOS 6.4 machine. It is in a trusted
>> relationship to an AD-Domain.
>> The users of the AD-Domain can login via ssh- or console-login. Then
>> they can start the gnome desktop manually. But if they login via gdm
>> they logged out immediatly.
> Which name style are you using 'AD_NETBIOS\username' or
> 'username at AD_DOMAIN' ? If you only tried one can you try the other?
until now I tried only 'username at AD_DOMAIN', but 'AD_NETBIOS\username'
does not work as well.
>
> If this does not help, please send the relevant section of
> /var/Log/secure and the sssd logs with a high debug level.
>
>
As far as I can see, both styles causing the same results.
Jun 12 13:27:56 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:auth): authentication failure; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=leah at AD_DOMAIN
Jun 12 13:27:57 ipa_hostname pam: gdm-password:
pam_sss(gdm-password:auth): authentication success; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=leah at AD_DOMAIN
Jun 12 13:27:57 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session opened for user leah at AD_DOMAIN
by (uid=0)
Jun 12 13:27:57 ipa_hostname polkitd(authority=local): Unregistered
Authentication Agent for session /org/freedesktop/ConsoleKit/Session25
(system bus name :1.265, object path
/org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)
(disconnected from bus)
Jun 12 13:27:58 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session closed for user leah at AD_DOMAIN
Jun 12 13:27:59 ipa_hostname polkitd(authority=local): Registered
Authentication Agent for session /org/freedesktop/ConsoleKit/Session27
(system bus name :1.275
[/usr/libexec/polkit-gnome-authentication-agent-1], object path
/org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)
Jun 12 13:32:56 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:auth): authentication failure; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=AD_NETBIOS\leah
Jun 12 13:32:58 ipa_hostname pam: gdm-password:
pam_sss(gdm-password:auth): authentication success; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=AD_NETBIOS\leah
Jun 12 13:32:58 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session opened for user AD_NETBIOS\leah
by (uid=0)
Jun 12 13:32:58 ipa_hostname polkitd(authority=local): Unregistered
Authentication Agent for session /org/freedesktop/ConsoleKit/Session27
(system bus name :1.275, object path
/org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)
(disconnected from bus)
Jun 12 13:32:58 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session closed for user AD_NETBIOS\leah
Jun 12 13:32:59 ipa_hostname polkitd(authority=local): Registered
Authentication Agent for session /org/freedesktop/ConsoleKit/Session29
(system bus name :1.285
[/usr/libexec/polkit-gnome-authentication-agent-1], object path
/org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)
May be the Unregistered Authentication Agent is the problem. But what I
have missed to do?
Thanks
Leah
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130612/e9150861/attachment.htm>
More information about the Freeipa-users
mailing list