[Freeipa-users] Authenticate on GNOME display manager with freeipa
Sumit Bose
sbose at redhat.com
Wed May 10 19:42:16 UTC 2017
On Tue, May 09, 2017 at 11:12:13PM +0200, tuxderlinuxfuchs77 at gmail.com wrote:
> Hello everyone,
>
> I set up my freeIPA instance and it works very well for my client
> computers (Ubuntu Desktop 16.04.2 LTS), I can login via SSH using a
> freeIPA managed user account.
>
> My own HBAC rule also works for that. I disabled the "allow all" rule
> and created my own one. Works fine for SSH.
>
> But I cannot login to the GNOME 3 Desktop on the client. I used the
> netinstall ISO image of Ubuntu. During installation, I have chose
> "Ubuntu GNOME Desktop" as the only desktop.
>
> So my display manager is gdm3.
>
> I added the "gdm" and "gdm-password" services to my HBAC rule. To be on
> the safe side, I rebooted the client machine. But I still can't login to
> the GNOME Desktop with an account that can login via SSH.
>
> So the services in my rule are
>
> login, gdm, gdm-password
>
> If you need any logs or other information, I will provide them.
Please send sssd_pam.log and sssd_domain.name.log with debug_level=10 in
the [pam] and [domain/...] section of sssd.conf.
bye,
Sumit
>
>
> Thanks in advance!
>
>
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list