HBAC rules are set to allow_all enabled -----Original Message----- From: Rob Crittenden [mailto:rcrit...@redhat.com] Sent: Monday, March 31, 2014 3:44 PM To: Todd Maugh; freeipa-users@redhat.com Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and enrolled to new server cant authenticate
Todd Maugh wrote: > Hi, > > I have a rhel5 client I had problems with my IPA environment and had > to rebuild > > I'm on the latest version of IPA with a red hat 6 server > > I successfully enrolled the client to the new server (same domain, > same > realm) I had removed all old certs, sysrestores, and ipa/default.conf > > I can ssh to the box as root, and then either su or kinit to any IPA > user with out issue > > But when I try to ssh as the ipauser to the box it gives me permission > denied, please try again > > I cleared out the sssd cache and restarted sssd > > Is there something I'm missing or a log to check? > > I need to worked this out before I move forward enrolling other > previously enrolled clients. Check your HBAC rules. rob _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
