Users from netgroup are not able to authenticate through sssd when nscd is turned on.

Solution Verified - Updated -

Issue

  • Users from the net group are not able to login unless each user is provided access in /etc/security/access.conf individually. Even though we have given access to net group in access.conf.

  • Entries in /etc/security/access.conf :

+ : root : ALL
+ : @netgroup1 : ALL
+ : @netgroup2 : ALL
- : ALL : ALL
# getent netgroup netgroup1
netgroup1       ( ,user1,) ( ,user2,) ( ,user3,) ( ,user4,) ( ,user5,)
  • User1 is not able to login to the server unless the individual entry of user is added in access.conf. For example, user1 is able to login to system only when the user1 is given as an individual entry in access.conf as below even though user1 is a member of netgroup1.
+ : root : ALL
+ : @netgroup1 : ALL
+ : @netgroup2 : ALL
+ : user1 : ALL 
- : ALL : ALL

Environment

  • Red Hat Enterprise Linux 5, 6, 7

  • nscd

  • sssd

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.