Hello I suggest running the hbactest function, somrthing like:
ipa hbactest --user=user1 --host=fqdn.of.target.server --service=login Regards Angus ________________________________ From: Kristian Petersen via FreeIPA-users <freeipa-users@lists.fedorahosted.org> Sent: 16 March 2020 21:57 To: FreeIPA users list <freeipa-users@lists.fedorahosted.org> Cc: Kristian Petersen <nesre...@chem.byu.edu> Subject: [Freeipa-users] Some users unable to log in to host Hey all, I have a user that is trying to log into a host that is configured to have access restricted via an HBAC rule. This user is a member of one of the groups defined in the HBAC rule that should be granted access. When this user tries to SSH in to this host, they get 3 consecutive password prompts like "Password:" and then one like "username@domain's password:" and then they get a response of "Permission denied, please try again." I am not seeing any entries in the messages log or secure log for this user from these log in attempts. Anyone have any thoughts about why this is happening? -- Kristian Petersen System Administrator BYU Dept. of Chemistry and Biochemistry
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
