On 3/23/21 12:09 AM, Konstantin Boyandin via CentOS wrote:
Hello,
I joined a CentOS 8 box to an AD, using the below document as general
guide:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/integrating_rhel_systems_directly_with_windows_active_directory/connecting-rhel-systems-directly-to-ad-using-sssd_integrating-rhel-systems-directly-with-active-directory
(section 14.1)
A problem: after I tried to log on via SSH (as an AD user) to the box,
the journalctl gets the below records:
March 23 12:41:01 sandbox.lan sshd[2262]: pam_sss(sshd:auth):
authentication success; logname= uid=0 euid=0 tty=ssh ruser=
rhost=10.10.0.55 user=username
March 23 12:41:01 sandbox.lan sshd[2262]: pam_sss(sshd:account): Access
denied for user username: 4 (System error)
March 23 12:41:01 sandbox.lan sshd[2262]: Failed password for username
from 10.10.0.55 port 57610 ssh2
March 23 12:41:01 sandbox.lan sshd[2262]: fatal: Access denied for user
username by PAM account configuration [preauth]
"System error" generally means an error internally to sssd. I would
turn up sssd debugging and check the sssd logs in /var/log/sssd. Also,
you'll probably get better support on the sssd list.
--
Orion Poplawski
he/him/his - surely the least important thing about me
Manager of NWRA Technical Systems 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion@xxxxxxxx
Boulder, CO 80301 https://www.nwra.com/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos