Users are unable to login and the following error (or something similar) is reported in /var/log/secure
sshd: error: PAM: User not known to the underlying authentication module for illegal user testuser1 from dc1.example.com
sshd: Failed keyboard-interactive/pam for invalid user testuser1 from 10.10.10.10 port 51627 ssh2
SELinux is set to enforcing on the Unix host without having configured the Authentication Services SELinux policy.
If SELinux is not required then it can be set to permissive mode.
To check the current SELinux status run
To temporarily set the mode to permissive
# setenforce 0
To temporarily set the mode to enforcing
# setenforce 1
To permanently set the status of SELinux edit /etc/selinux/config.
A reboot is required for the edit to take effect.
See SELinux man pages for more details.
To configure the Authentication Services SELinux policy run the following command as root
# /opt/quest/bin/vastool configure selinux
To unconfigure the same policy
# /opt/quest/bin/vastool unconfigure selinux
Please note that Authentication Services 4.1.7.x or higher is required in order to run commands in Resolution 2.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback 使用条款 隐私