I getting a weird issue with SSSD, we are using SSSD for AD auth, we are using ocserv for VPN and it doesn't always appear to check SSSD, I am seeing it check PAM_unix get the auth failure and then simply return the failure instead of trying SSSD, if I restart the service then for a few requests will use PAM_sss (SSSD) and then will begin to simply use pam_unix again
When I restart the service it appears to work correctly for a moment Mar 29 16:42:31 ip-10-0-21-4 m[10038]: pam_unix(ocserv:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=X.X.X.X user=UserY Mar 29 16:42:32 ip-10-0-21-4 m[10038]: pam_sss(ocserv:auth): authentication success; logname= uid=0 euid=0 tty= ruser= rhost=X.X.X.X user=UserY Then it will get the following after a few minutes Mar 29 17:03:03 ip-10-0-21-4 m[10038]: pam_unix(ocserv:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=X.X.X.X user=UserX Mar 29 17:03:05 ip-10-0-21-4 m[10038]: PAM authenticate error: Authentication failure Mar 29 17:03:05 ip-10-0-21-4 m[10038]: PAM-auth pam_auth_pass: Authentication failure michael.l...@crownpeak.com Switchboard:+44 (0)20 7019 4700 crownpeak.com Forrester Wave for WCM 2017 Crownpeak, Studio 1001 Highgate Studios, 53-79 Highgate Road, London, NW5 1TL Registered in England: No. 3592714, VAT No. 625574723
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org