On (05/12/16 14:44), supertwisters(a)gmail.com wrote:
I'm trying to connect my server to a LDAP server. I get a correct
answer after using *id* and *ldapsearch* commands. However, i still not able to login with
SSH.
It would be good to move discussion to sssd-users mailing list.
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100):
command: SSS_PAM_AUTHENTICATE
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): domain: LDAP
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): user: myuser
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): service: sshd
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): tty: ssh
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): ruser:
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): rhost:
192.118.68.5
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): authtok type: 0
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): priv: 1
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): cli_pid: 2208
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): logon name: not
set
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [be_pam_handler_callback] (0x0100): Backend
returned: (0, 7, <NULL>) [Success (Authentication failure)]
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [be_pam_handler_callback] (0x0100): Sending
result [7][LDAP]
(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [be_pam_handler_callback] (0x0100): Sent
result [7][LDAP]
I think the log is crystal clear.
"Authentication failure". It might be a wrong password; or denial due to
password policy or something else. It's hard to say without more info.
I would recommend to follow troubleshooting wiki page
https://fedorahosted.org/sssd/wiki/Troubleshooting#TroubleshootingAuthent...
It would be good if you could move discussion to sssd-users mailing list.
Thank you in advance for understanding.
LS