[Freeipa-users] User Can't Authenticate
Lukas Slebodnik
lslebodn at redhat.com
Fri May 22 07:15:43 UTC 2015
On (21/05/15 18:56), Dmitri Pal wrote:
>On 05/21/2015 05:54 PM, John Williams wrote:
>>I've got a freeIPA client where a user account cannot authenticate.
>>
>>The log entry for IPA looks like:
>>
>>audit/audit.log.4:type=USER_AUTH msg=audit(1425316592.375:38090): user
>>pid=16485 uid=0 auid=4294967295 ses=4294967295
>>subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication
>>acct="aswanda" exe="/usr/sbin/sshd" hostname=172.31.0.162 addr=172.31.0.162
>>terminal=ssh res=failed'
>>
>>When I try to sudo to the user account, I get the following error:
>>
>>[root at myhost ~]# sudo su - testuser
>>su: user testuser does not exist
>>
>>However, all that works for my account.
>>
>>Please help. Thanks in advance.
>>
>>
>>
>What do you use on the client? SSSD?
>What is the OS version?
>What SSSD logs show?
>
For sssd related issues see https://fedorahosted.org/sssd/wiki/Troubleshooting
Firstly, ensure you can get user information (getent passwd user)
Secondly, troubleshoot authentication and access control.
LS
More information about the Freeipa-users
mailing list