SSSD: Login failing with error "User account has expired".
Issue
- SSSD: Login failing with error
User account has expired.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [be_pam_handler] (0x0100): Got request with the following data
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): command: PAM_AUTHENTICATE
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): domain: EXAMPLE.COM
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): user: 6693
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): service: sshd
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): tty: ssh
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): ruser:
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): rhost: client1.example.com
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): authtok type: 1
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): newauthtok type: 0
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): priv: 1
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): cli_pid: 16569
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [pam_print_data] (0x0100): logon name: not set
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [krb5_auth_queue_send] (0x1000): Wait queue of user [6693] is empty, running request [0x7f2f68a799a0] immediately.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [krb5_setup] (0x4000): No mapping for: 6693
.
.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [krb5_auth_send] (0x0100): Home directory for user [6693] not known.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [krb5_auth_prepare_ccache_name] (0x1000): No ccache file for user [6693] found.
.
.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [be_resolve_server_process] (0x0200): Found address for server server1.example.com: [192.168.2.2] TTL 1200
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://server1.example.com'
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [ad_resolve_callback] (0x0100): Constructed GC uri 'ldap://server1.example.com'
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [sss_krb5_realm_has_proxy] (0x0040): profile_get_values failed.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [child_handler_setup] (0x2000): Setting up signal handler up for pid [16572]
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [child_handler_setup] (0x2000): Signal handler set up for pid [16572]
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [write_pipe_handler] (0x0400): All data has been sent!
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [child_sig_handler] (0x1000): Waiting for child [16572].
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [child_sig_handler] (0x0100): child [16572] finished successfully.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [read_pipe_handler] (0x0400): EOF received, client finished
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [check_wait_queue] (0x1000): Wait queue for user [6693] is empty.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [krb5_auth_queue_done] (0x1000): krb5_auth_queue request [0x7f2f68a799a0] done.
(Tue Oct 4 15:50:22 2016) [sssd[be[EXAMPLE.COM]]] [be_pam_handler_callback] (0x0100): Backend returned: (0, 13, ) [Success (User account has expired)]
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Active Directory
- SSSD
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
