This is an old revision of the document!

Config PAM on linux

Debug PAM:

1° solution

Add to the end of file /etc/sssd/sssd.conf the following lines

[pam]
debug_level = 9

Logs are located into /var/log/sssd/, and also /var/log/secure

2° solution

Add debug to /etc/pam.d/*

auth sufficient pam_duo.so debug

logs will be located into

*.debug /var/log/debug.log

start SSSD in debug

# sssd -d4

[sssd] [ldb] (3): server_sort:Unable to register control with rootdse!
[sssd] [confdb_get_domains] (0): No domains configured, fatal error!
[sssd] [get_monitor_config] (0): No domains configured.

Check SElinux config

https://jfearn.fedorapeople.org/fdocs/en-US/Fedora_Draft_Documentation/0.1/html/System_Administrators_Guide/SSSD-Troubleshooting.htmlhttps://jfearn.fedorapeople.org/fdocs/en-US/Fedora_Draft_Documentation/0.1/html/System_Administrators_Guide/SSSD-Troubleshooting.html

Clear sssd cache

To clear sssd cache for single user

# sss_cache -u user1

To clear sssd cache for all users

# sss_cache -E

Delete sssd cache

Before doing this it is suggested that the SSSD service be stopped.

# systemctl stop sssd

After this we want to delete all files within the /var/lib/sss/db/ directory.

# rm -rf /var/lib/sss/db/*

Once complete we can start SSSD back up again.

# systemctl restart sssd

wiki

Table of Contents

Config PAM on linux

Debug PAM:

1° solution

2° solution

start SSSD in debug

Check SElinux config

Clear sssd cache

Delete sssd cache

wiki

User Tools

Site Tools

Table of Contents

Config PAM on linux

Debug PAM:

1° solution

2° solution

start SSSD in debug

Check SElinux config

Clear sssd cache

Delete sssd cache

Page Tools