[CentOS] can't login as subsequent FreeIPA users

Louis Lagendijk

louis at fazant.net
Tue Nov 19 10:20:26 UTC 2019

On Mon, 2019-11-18 at 13:05 -0600, Carson Chittom wrote:
> When I set up a machine with CentOS 8, I used the "Enterprise Login"
> in
> the initial setup wizard to authenticate against my FreeIPA server.
> This worked fine, and I have no issues logging in with that initial
> user.
> However, I am unable to use GDM or the console to login as any
> *other*
> valid user from FreeIPA. From GDM I get something like "Sorry, that
> didn't work" and "Permission denied" on the console.  I've verified
> that
> the credentials are correct, and that I am able to manually get a
> ticket
> via kinit for one of those other users from this machine.  With
> CentOS 7, I didn't have to do any additional configuration in this
> regard after the initial wizard.
> Not sure whether this is a CentOS configuration issue or a FreeIPA
> one,
> but I figured I'd start here.  I'm also not terribly familiar with
> FreeIPA, so I could be missing something obvious; but this worked
> without issue when the machine in question ran CentOS 7.
> Can somebody point me in the right direction?

This could be home directory related. Are the home directories local or
remote (NFS?). Are the home directories for the users accessible?

Can the users login over ssh?

More information about the CentOS mailing list