[SSSD-users] Re: ldap_access_filter ignored for some users
Here are the excerpts from the /var/log/secure:
May 15 10:40:50 hostname texserver: pam_unix(texpress:auth): authentication failure;
logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERB
May 15 10:40:50 hostname texserver: pam_sss(texpress:auth): authentication failure;
logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERB
May 15 10:40:50 hostname texserver: pam_sss(texpress:auth): received for user USERB: 7
(Authentication failure)
May 15 10:40:53 hostname texserver: pam_unix(texpress:auth): authentication failure;
logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERA
May 15 10:40:53 hostname texserver: pam_sss(texpress:auth): authentication success;
logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERA
________________________________
From: Jakub Hrozek <jhrozek(a)redhat.com>
Sent: Tuesday, May 19, 2020 4:45 AM
To: End-user discussions about the System Security Services Daemon
<sssd-users(a)lists.fedorahosted.org>
Subject: [SSSD-users] Re: ldap_access_filter ignored for some users
EXTERNAL SENDER
On Mon, May 18, 2020 at 03:53:15PM +0000, Sajesh Singh wrote:
If there were no PAM requests then what could be triggering SSSD to
do the lookup that I see in the logs?
-Sajesh-
Oh, sorry, you're right, there is pam_print_data also in the second
snippet. What log level was this gathered with? The pam responder logs
would be useful either way.
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Attachments:
- attachment.html (text/html — 2.8 KB)