Learn more about these different git repos.
Other Git URLs
Hi, I can log in with SSH but not with local console.
Here's my /var/log/secure
{{{Aug 4 12:15:39 localhost login: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=jshim10 Aug 4 12:15:39 localhost login: pam_sss(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=jshim10 Aug 4 12:15:39 localhost login: pam_sss(login:auth): received for user jshim10: 4 (System error) Aug 4 12:15:41 localhost login: FAILED LOGIN 1 FROM tty1 FOR jshim10, Authentication failure
Here's my /etc/pam.d/system-auth
#%PAM-1.0 auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 1000 quiet_success #auth sufficient pam_krb5.so use_first_pass auth sufficient pam_sss.so use_first_pass auth required pam_deny.so account required pam_access.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet #account [default=bad success=ok user_unknown=ignore] pam_krb5.so account [default=bad success=ok user_unknown=ignore] pam_sss.so account required pam_permit.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok #password sufficient pam_krb5.so use_authtok password sufficient pam_sss.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session optional pam_oddjob_mkhomedir.so umask=0077 session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session sufficient pam_sss.so session required pam_unix.so #session optional pam_krb5.so
I'm using id_provider ldap, and auth_provider krb5
I'm sorry but there is no useful debugging information in this ticket. Please follow https://fedorahosted.org/sssd/wiki/Troubleshooting and https://fedorahosted.org/sssd/wiki/Reporting_sssd_bugs and attach the domain log and krb5_child.log
There was no reply for almost two weeks, closing.
resolution: => worksforme status: new => closed
Metadata Update from @jshim10: - Issue set to the milestone: NEEDS_TRIAGE
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4157
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.