[CentOS] can't login as subsequent FreeIPA users

Carson Chittom

carson at wistly.net
Mon Nov 18 19:05:30 UTC 2019

When I set up a machine with CentOS 8, I used the "Enterprise Login" in
the initial setup wizard to authenticate against my FreeIPA server.
This worked fine, and I have no issues logging in with that initial user.

However, I am unable to use GDM or the console to log in as any *other*
valid user from FreeIPA. From GDM I get something like "Sorry, that
didn't work" and "Permission denied" on the console.  I've verified that
the credentials are correct, and that I am able to manually get a ticket
via kinit for one of those other users from this machine.  With
CentOS 7, I didn't have to do any additional configuration in this
regard after the initial wizard.

Not sure whether this is a CentOS configuration issue or a FreeIPA one,
but I figured I'd start here.  I'm also not terribly familiar with
FreeIPA, so I could be missing something obvious; but this worked
without issue when the machine in question ran CentOS 7.

Can somebody point me in the right direction?

