IdM/IPA client ssh Connection closed and error pam_sss(sshd:account): Access denied

Solution Verified - Updated -

Issue

  • On some IdM/IPA clients, not all, a user cannot SSH, the connection is closed and the following errors can be seen in the system file:
/var/log/secure
Aug  6 16:39:40 ipaclient1 sshd[4712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.10.10.10  user=guest1
Aug  6 16:39:40 ipaclient1 sshd[4712]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.10.10.10 user=guest1
Aug  6 16:39:40 ipaclient1 sshd[4712]: pam_sss(sshd:account): Access denied for user mjunior: 4 (System error)
Aug  6 16:39:40 ipaclient1 sshd[4712]: Failed password for guest1 from 10.10.10.10 port 50932 ssh2
Aug  6 16:39:40 ipaclient1 sshd[4713]: fatal: Access denied for user guest1 by PAM account configuration

Environment

  • Red Hat Enterprise Linux 6.4
  • sssd-1.9.2-82

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In