Dear Jakub, I found only the following entries in the /var/log/auth.log:
Oct 5 11:57:38 hl-srv10 sudo: pam_unix(sudo:auth): conversation failed Oct 5 11:57:38 hl-srv10 sudo: pam_unix(sudo:auth): auth could not identify password for [[email protected]] Oct 5 11:57:38 hl-srv10 sudo: pam_sss(sudo:auth): authentication failure; [email protected] uid=1948403038 euid=0 tty=/dev/pts/1 [email protected] rhost= [email protected] Oct 5 11:57:38 hl-srv10 sudo: pam_sss(sudo:auth): received for user [email protected]: 7 (Authentication failure) Oct 5 11:57:38 hl-srv10 sudo: [email protected] : user NOT authorized on host ; TTY=pts/1 ; PWD=/home/de.eu.local/f.zoske ; USER=root ; COMMAND=/bin/cat /etc/sssd/sssd.conf Oct 5 11:57:42 hl-srv10 sudo: pam_unix(sudo:auth): authentication failure; [email protected] uid=1948403038 euid=0 tty=/dev/pts/1 [email protected] rhost= [email protected] Oct 5 11:57:42 hl-srv10 sudo: pam_sss(sudo:auth): authentication success; [email protected] uid=1948403038 euid=0 tty=/dev/pts/1 [email protected] rhost= [email protected] Oct 5 11:57:43 hl-srv10 sudo: [email protected] : user NOT authorized on host ; TTY=pts/1 ; PWD=/home/de.eu.local/f.zoske ; USER=root ; COMMAND=/bin/bash Oct 5 11:57:46 hl-srv10 sudo: pam_unix(sudo:auth): authentication failure; [email protected] uid=1948403038 euid=0 tty=/dev/pts/1 [email protected] rhost= [email protected] Oct 5 11:57:47 hl-srv10 sudo: pam_sss(sudo:auth): authentication success; [email protected] uid=1948403038 euid=0 tty=/dev/pts/1 [email protected] rhost= [email protected] Oct 5 11:57:47 hl-srv10 sudo: [email protected] : TTY=pts/1 ; PWD=/home/de.eu.local/f.zoske ; USER=root ; COMMAND=/bin/bash Oct 5 11:57:47 hl-srv10 sudo: pam_unix(sudo:session): session opened for user root by [email protected](uid=0)<mailto:[email protected](uid=0)> In /var/log/sssd/ no entries were logged. My sssd.conf: [domain/ipa-lx.com] cache_credentials = True krb5_store_password_if_offline = True ipa_domain = ipa-lx.com id_provider = ipa auth_provider = ipa access_provider = ipa ipa_hostname = hl-srv10.ipa-lx.com chpass_provider = ipa ipa_server = _srv_, dc01.ipa-lx.com ldap_tls_cacert = /etc/ipa/ca.crt ldap_sudo_use_host_filter = false [sssd] services = nss, pam, ssh, sudo config_file_version = 2 default_domain_suffix = de.eu.local domains = ei-ag.it [nss] override_shell = /bin/bash [pam] [sudo] [autofs] [ssh] [pac] Best regards, Fabian
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
