hell
I have joined a linux to domain using sssd
realm join --user=administrator example.com
it configured all stuff in sssd.conf, nsswitch.conf and in pam modules there are sss configured in
I can see users accounts from AS but I can't login ssh or even su.
ssh fails on
Mar 29 14:15:35 host sshd[3957]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:35 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: fatal: Access denied for user user by PAM account configuration [preauth]
it definitely recognizes when I enter correct password because the "connection closed" happens only after I write correct password - when I enter wrong passowrd it gives me new prompt for entering passwords again
[root@host log]# ssh user@host
user@host's password:
Permission denied, please try again.
user@host's password:
Connection closed by 192.168.10.10
Mar 29 14:15:28 host sshd[3957]: PAM unable to dlopen(/usr/lib64/security/pam_winbind.so): /usr/lib64/security/pam_winbind.so: cannot open shared object file: No such file or directory
Mar 29 14:15:28 host sshd[3957]: PAM adding faulty module: /usr/lib64/security/pam_winbind.so
Mar 29 14:15:31 host sshd[3957]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:31 host sshd[3957]: pam_sss(sshd:auth): received for user user: 17 (Failure setting user credentials)
Mar 29 14:15:31 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:35 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: fatal: Access denied for user user by PAM account configuration [preauth]
any ide why authentication fails?
why it complains about missing pam_winbind.so if I am using sssd (not winbind) method?
I have joined a linux to domain using sssd
realm join --user=administrator example.com
it configured all stuff in sssd.conf, nsswitch.conf and in pam modules there are sss configured in
I can see users accounts from AS but I can't login ssh or even su.
ssh fails on
Mar 29 14:15:35 host sshd[3957]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:35 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: fatal: Access denied for user user by PAM account configuration [preauth]
it definitely recognizes when I enter correct password because the "connection closed" happens only after I write correct password - when I enter wrong passowrd it gives me new prompt for entering passwords again
[root@host log]# ssh user@host
user@host's password:
Permission denied, please try again.
user@host's password:
Connection closed by 192.168.10.10
Mar 29 14:15:28 host sshd[3957]: PAM unable to dlopen(/usr/lib64/security/pam_winbind.so): /usr/lib64/security/pam_winbind.so: cannot open shared object file: No such file or directory
Mar 29 14:15:28 host sshd[3957]: PAM adding faulty module: /usr/lib64/security/pam_winbind.so
Mar 29 14:15:31 host sshd[3957]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:31 host sshd[3957]: pam_sss(sshd:auth): received for user user: 17 (Failure setting user credentials)
Mar 29 14:15:31 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:35 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: fatal: Access denied for user user by PAM account configuration [preauth]
any ide why authentication fails?
why it complains about missing pam_winbind.so if I am using sssd (not winbind) method?