Hi Folks:
I managed to get the user working doing the following (all from the CLI): 1. Deleted the user (ipa user-del new-user) 2. Re-added the user 3. Add the user to administrator groups. 4. Changed/set the password. 5. Removed the administrator privileges. 6. Attempt report ssh login. Steps 3 and 5 are a hack but I can demonstrate that not doing them causes the strange login problem. I can also show that the HBAC rules are enforced properly after step 5 is run so this works for me. I just don't understand why it is necessary. Thank you for all of your help and suggestions. Regards, Joe From: Joe Linoff Sent: Monday, July 23, 2012 1:51 PM To: sgall...@redhat.com; d...@redhat.com Cc: freeipa-users@redhat.com; Joe Linoff Subject: Re: [Freeipa-users] User can't login via ssh from external Hi Stephen and Dmitri: Thank you for the sshd GSSAPI configuration suggestion. I tried it this morning but it didn't work. That particular user is still not able to login. What is even more interesting is that I created a user with the identical setup and the new user worked (i.e., they were able to ssh in remotely). I am really confused by this because it does not appear to be a global setup issue like ssh. It may be some sort of HBAC rule violation or something else equally strange. I just can't figure it out. Can you suggest any other ways to troubleshoot this? Thanks, Joe
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users