[Freeipa-users] [Solaris 10] Cannot login through console or ssh with ipa users
nathan at nathanpeters.com
nathan at nathanpeters.com
Wed Feb 25 21:37:16 UTC 2015
> It does not seem to recognize the user in the secan attempt but the
> first attempt seems to authenticate and then disconnect.
> I do not see trace from accounting session but I suspect that your pam
> stack does not authorize authenticated user.
> Try to allow all authenticated users first. This will prove that it is a
> pam stack accounting phase configuration issue.
>
> --
> Thank you,
> Dmitri Pal
>
> Sr. Engineering Manager IdM portfolio
> Red Hat, Inc.
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go To http://freeipa.org for more info on the project
>
How do I allow all authenticated users? In the freeIPA domain I have a
rule 'allow_all' that allows any user to connect to any system on any
service. This is working fine for linux clients.
I assume you mean to do it on the Solaris machine? I don't have any users
specifically blocked, ie, there is nothing in my sshd_config file that is
limiting the users and groups that can login. Eg, I've got no
'AllowUsers' lines or anything like that. I've even got PermitRootLogin
set to yes and have tested that root can login.
More information about the Freeipa-users
mailing list