Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

sssd vs. winbind

Status
Not open for further replies.

w5000

Technical User
Nov 24, 2010
223
PL
hell
I have joined a linux to domain using sssd

realm join --user=administrator example.com

it configured all stuff in sssd.conf, nsswitch.conf and in pam modules there are sss configured in

I can see users accounts from AS but I can't login ssh or even su.

ssh fails on
Mar 29 14:15:35 host sshd[3957]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:35 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: fatal: Access denied for user user by PAM account configuration [preauth]

it definitely recognizes when I enter correct password because the "connection closed" happens only after I write correct password - when I enter wrong passowrd it gives me new prompt for entering passwords again

[root@host log]# ssh user@host
user@host's password:
Permission denied, please try again.
user@host's password:
Connection closed by 192.168.10.10


Mar 29 14:15:28 host sshd[3957]: PAM unable to dlopen(/usr/lib64/security/pam_winbind.so): /usr/lib64/security/pam_winbind.so: cannot open shared object file: No such file or directory
Mar 29 14:15:28 host sshd[3957]: PAM adding faulty module: /usr/lib64/security/pam_winbind.so
Mar 29 14:15:31 host sshd[3957]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:31 host sshd[3957]: pam_sss(sshd:auth): received for user user: 17 (Failure setting user credentials)
Mar 29 14:15:31 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.domain user=user
Mar 29 14:15:35 host sshd[3957]: Failed password for user from 192.168.10.10 port 43658 ssh2
Mar 29 14:15:35 host sshd[3957]: fatal: Access denied for user user by PAM account configuration [preauth]


any ide why authentication fails?
why it complains about missing pam_winbind.so if I am using sssd (not winbind) method?
 
in this case solved by:

# authconfig --disablewinbind --disablewinbindauth --disablewinbindusedefaultdomain --disablewinbindoffline --disablewinbindkrb5 --updateall
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top