Login with trusted AD user on IPA client fails with an errror "4 (System error)" in /var/log/secure
Issue
- Trusted AD user fails to login on IPA client fails with an errror "4 (System error)" in /var/log/secure
Oct 19 08:21:01 ipaclient sshd[1361]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=aduser@addomain.com
Oct 19 08:21:01 ipaclientipaclient sshd[1361]: pam_sss(sshd:auth): received for user aduser@addomain.com: 4 (System error)
- /var/log/sssd/krb5_child.log file is showing errors:
(Fri Oct 19 08:21:00 678918) [[sssd[krb5_child[5174]]]] [try_open_krb5_conf] (0x006789): User with uid:12345 gid:6789 cannot read /etc/krb5.conf. It might cause problems
(Fri Oct 19 08:21:01 678918) [[sssd[krb5_child[5174]]]] [create_ccache] (0x006789): 961: [13][Permission denied]
Environment
- Red Hat Enterprise Linux 7
- IPA Client
- IPA - AD Trust Environment
- sssd
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.