On Mon, May 18, 2020 at 03:53:15PM +0000, Sajesh Singh wrote:
If there were no PAM requests then what could be triggering SSSD to do the lookup that I see in the logs?
-Sajesh-
Oh, sorry, you're right, there is pam_print_data also in the second snippet. What log level was this gathered with? The pam responder logs would be useful either way.
Here are the excerpts from the /var/log/secure:
May 15 10:40:50 hostname texserver: pam_unix(texpress:auth): authentication failure; logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERB May 15 10:40:50 hostname texserver: pam_sss(texpress:auth): authentication failure; logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERB May 15 10:40:50 hostname texserver: pam_sss(texpress:auth): received for user USERB: 7 (Authentication failure) May 15 10:40:53 hostname texserver: pam_unix(texpress:auth): authentication failure; logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERA May 15 10:40:53 hostname texserver: pam_sss(texpress:auth): authentication success; logname= uid=0 euid=0 tty= ruser=USERB rhost=123.456.789.000 user=USERA
________________________________ From: Jakub Hrozek jhrozek@redhat.com Sent: Tuesday, May 19, 2020 4:45 AM To: End-user discussions about the System Security Services Daemon sssd-users@lists.fedorahosted.org Subject: [SSSD-users] Re: ldap_access_filter ignored for some users
EXTERNAL SENDER
On Mon, May 18, 2020 at 03:53:15PM +0000, Sajesh Singh wrote:
If there were no PAM requests then what could be triggering SSSD to do the lookup that I see in the logs?
-Sajesh-
Oh, sorry, you're right, there is pam_print_data also in the second snippet. What log level was this gathered with? The pam responder logs would be useful either way. _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
sssd-users@lists.fedorahosted.org
-
Jakub Hrozek -
Sajesh Singh