Hi,
I have a rhel5 client I had problems with my IPA environment and had to rebuild
I'm on the latest version of IPA with a red hat 6 server
I successfully enrolled the client to the new server (same domain, same realm)
I had removed all old certs, sysrestores, and ipa/default.conf
I can ssh
Todd Maugh wrote:
Hi,
I have a rhel5 client I had problems with my IPA environment and had to
rebuild
I’m on the latest version of IPA with a red hat 6 server
I successfully enrolled the client to the new server (same domain, same
realm) I had removed all old certs, sysrestores, and ipa/defau
HBAC rules are set to allow_all enabled
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Monday, March 31, 2014 3:44 PM
To: Todd Maugh; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant
: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Monday, March 31, 2014 3:44 PM
To: Todd Maugh; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant authenticate
Todd Maugh wrote:
Hi,
I have a rhel5 client I had problems wi
a-users@redhat.com
Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant authenticate
Todd Maugh wrote:
> HBAC rules are set to allow_all enabled
Ok. I'd start with increasing the sssd log level and see what it says.
I gather that basic nss wo
it uses GSSAPI?
Check PAM config for SSH.
From: Rob Crittenden
Sent: Monday, March 31, 2014 3:52 PM
To: Todd Maugh; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant authenticate
Todd Maugh wrote:
HBAC rules are
PAM configuration as
Dmitri suggested.
HTH
bye,
Sumit
>
> I see this in the sssd Logs but still not authenticating
>
> will check out AVC and SELinux very frustrating
>
>
> ________________
> From: Rob Crittenden
> Sent: Monday, March 31, 2014 3:52 P
: Sumit Bose [mailto:sb...@redhat.com]
Sent: Tuesday, April 01, 2014 12:19 AM
To: Todd Maugh
Cc: Rob Crittenden; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant authenticate
On Mon, Mar 31, 2014 at 11:05:18PM +, Todd
-
From: Sumit Bose [mailto:sb...@redhat.com]
Sent: Tuesday, April 01, 2014 12:19 AM
To: Todd Maugh
Cc: Rob Crittenden; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant authenticate
On Mon, Mar 31, 2014 at 11:05:18PM +
Tuesday, April 01, 2014 10:58 AM
To: Sumit Bose
Cc: freeipa-users@redhat.com
Subject: RE: [Freeipa-users] uninstalled IPA client and reinstalled and
enrolled to new server cant authenticate
I am seeing this error in /var/log/secure
[r...@black-64.qa ~]# tail /var/log/secure
Apr 1 17:54:05 black
On Tue, Apr 01, 2014 at 05:58:00PM +, Todd Maugh wrote:
> I am seeing this error in /var/log/secure
>
> [r...@black-64.qa ~]# tail /var/log/secure
> Apr 1 17:54:05 black-64 sshd[3649]: pam_sss(sshd:auth): authentication
> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.194.1.250 user=
) [sssd[be[ops.boingo.com]]] [be_client_destructor]
(4): Removed NSS client
(Tue Apr 1 20:50:38 2014) [sssd[be[ops.boingo.com]]] [remove_krb5_info_files]
(5): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.OPS.BOINGO.COM], [2][No
such file or directory]
____________
From: free
) [sssd[be[ops.boingo.com]]] [be_client_destructor]
(4): Removed NSS client
(Tue Apr 1 20:50:38 2014) [sssd[be[ops.boingo.com]]] [remove_krb5_info_files]
(5): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.OPS.BOINGO.COM], [2][No
such file or directory]
____________
From
13 matches
Mail list logo
