Users from netgroup are not able to authenticate through sssd when nscd is turned on.

Solution Verified - Updated -

Issue

  • Users from the net group are not able to login unless each user is provided access in /etc/security/access.conf individually. Even though we have given access to net group in access.conf.

  • Entries in /etc/security/access.conf :

+ : root : ALL
+ : @netgroup1 : ALL
+ : @netgroup2 : ALL
- : ALL : ALL

# getent netgroup netgroup1
netgroup1       ( ,user1,) ( ,user2,) ( ,user3,) ( ,user4,) ( ,user5,)
  • User1 is not able to login to the server unless the individual entry of user is added in access.conf. For example, user1 is able to login to system only when the user1 is given as an individual entry in access.conf as below even though user1 is a member of netgroup1.
+ : root : ALL
+ : @netgroup1 : ALL
+ : @netgroup2 : ALL
+ : user1 : ALL 
- : ALL : ALL

Environment

  • Red Hat Enterprise Linux 5, 6, 7

  • nscd

  • sssd

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content