[prev in list] [next in list] [prev in thread] [next in thread]
List: centos
Subject: Re: [CentOS] can't login as subsequent FreeIPA users
From: Carson Chittom <carson () wistly ! net>
Date: 2019-11-21 14:20:31
Message-ID: pqidz2sgmhcnv4.fsf () granite ! internal ! wistly ! net
[Download RAW message or body]
Carson Chittom <carson@wistly.net> writes:
> When I set up a machine with CentOS 8, I used the "Enterprise Login" in
> the initial setup wizard to authenticate against my FreeIPA server.
> This worked fine, and I have no issues logging in with that initial user.
>
> However, I am unable to use GDM or the console to login as any *other*
> valid user from FreeIPA. From GDM I get something like "Sorry, that
> didn't work" and "Permission denied" on the console. I've verified that
> the credentials are correct, and that I am able to manually get a ticket
> via kinit for one of those other users from this machine. With
> CentOS 7, I didn't have to do any additional configuration in this
> regard after the initial wizard.
I discovered that /etc/sssd/sssd.conf contains the line:
simple_allow_users = $, initialuser
Adding other users to this line allows them to log in. This is a very
small deployment (8 users, 4 machines), so this addresses my immediate
need, but clearly isn't really the solution. I'll dig into it some more
when I have some leisure.
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic