LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 09-24-2014, 08:15 AM   #1
bobnash251
LQ Newbie
 
Registered: Sep 2014
Posts: 1

Rep: Reputation: Disabled
Cannot login to linux server intermittently


Hi all,

I am from application team. I got some Active directory accounts created on our new linux servers(OS 6.3). Now the issue is I am sometimes able to login to the unix server and sometimes not. I checked with the Unix SA and they confirmed that ids were added to the correct OU and correct unix groups. There was no issue with that. Our unix SA also suggested we upgrade VAS to the latest version, which we did. Yet the issue persists.

I am getting, 'Access Denied' or 'You are not authorized to access this server' error. Please advise.

Regards,
Bob
 
Old 09-24-2014, 01:27 PM   #2
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,938
Blog Entries: 13

Rep: Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968Reputation: 4968
Well it seems like you've tried with your Unix System Administrators and they aren't or won't help you, but I'd persist with that and inquire if there are any logs which they see at your failed login accounts. You swap between Linux and Unix and offered OS 6.3, but what operating system or distribution exactly is that? That's curiosity though I don't think it matters because I'm going to say that you need to resolve this with the aid of those system admins.

I'd assume that they do get logs or can get more detailed logs which show your failed login attempts and perhaps some reasons why they have failed. Further, you could try tracing the Ethernet to view the login attempts and see if there are rejections from the server, or if there are problems getting "to" the server; although "access denied" does imply that the server is receiving your login attempts. Therefore my take is that the SA of those servers should be able to give you some more details why a given login attempt has failed.

Some other experiments to try would be to try and attach via a bad username and see what error you receive and then try to attach via a bad password (don't try more than once or it will disable your login) and see what error you receive. I actually see "permission denied" for either of those types of attempts.

For instance in Linux you can look at /var/log/auth.log to see who has attempted to login and whether or not they were successful.

This is a copy of my auth.log edited to redact my actual user names, but I tried to attach with non-existing username "soso" and then attached both successfully and unsuccessfully via bad password as "user1". I should think the SysAdmin people can look at the logs and tell you if they even see your connect attempts.
Code:
Sep 24 13:02:34 rt-linux-desktop sshd[2130]: Invalid user soso from 192.168.2.6
Sep 24 13:02:34 rt-linux-desktop sshd[2130]: input_userauth_request: invalid user soso [preauth]
Sep 24 13:02:36 rt-linux-desktop sshd[2130]: pam_unix(sshd:auth): check pass; user unknown
Sep 24 13:02:36 rt-linux-desktop sshd[2130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rt-linux-desktop.local 
Sep 24 13:02:38 rt-linux-desktop sshd[2130]: Failed password for invalid user soso from 192.168.2.6 port 51387 ssh2
Sep 24 13:02:40 rt-linux-desktop sshd[2130]: pam_unix(sshd:auth): check pass; user unknown
Sep 24 13:02:42 rt-linux-desktop sshd[2130]: Failed password for invalid user soso from 192.168.2.6 port 51387 ssh2
Sep 24 13:02:42 rt-linux-desktop sshd[2130]: Failed password for invalid user soso from 192.168.2.6 port 51387 ssh2
Sep 24 13:02:42 rt-linux-desktop sshd[2130]: Connection closed by 192.168.2.6 [preauth]
Sep 24 13:02:42 rt-linux-desktop sshd[2130]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rt-linux-desktop.local 
Sep 24 13:03:06 rt-linux-desktop sshd[2134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rt-linux-desktop.local  user=user1
Sep 24 13:03:07 rt-linux-desktop sshd[2134]: Failed password for user1 from 192.168.2.6 port 51388 ssh2
Sep 24 13:03:10 rt-linux-desktop sshd[2134]: Accepted password for user1 from 192.168.2.6 port 51388 ssh2
Sep 24 13:03:10 rt-linux-desktop sshd[2134]: pam_unix(sshd:session): session opened for user user1 by (uid=0)
Sep 24 13:03:15 rt-linux-desktop sshd[2364]: Received disconnect from 192.168.2.6: 11: disconnected by user
Sep 24 13:03:15 rt-linux-desktop sshd[2134]: pam_unix(sshd:session): session closed for user user1
Sep 24 13:05:01 rt-linux-desktop sshd[2551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rt-linux-desktop.local  user=user1
Sep 24 13:05:04 rt-linux-desktop sshd[2551]: Failed password for user1 from 192.168.2.6 port 51391 ssh2
Sep 24 13:05:06 rt-linux-desktop sshd[2551]: Connection closed by 192.168.2.6 [preauth]
Sep 24 13:07:19 rt-linux-desktop sudo:   user1 : TTY=pts/7 ; PWD=/var/log ; USER=root ; COMMAND=/usr/bin/tail auth.log
Sep 24 13:07:19 rt-linux-desktop sudo: pam_unix(sudo:session): session opened for user root by user1(uid=1000)
Sep 24 13:07:19 rt-linux-desktop sudo: pam_unix(sudo:session): session closed for user root
Sep 24 13:08:34 rt-linux-desktop sudo:   user1 : TTY=pts/7 ; PWD=/var/log ; USER=root ; COMMAND=/bin/cat auth.log
Sep 24 13:08:34 rt-linux-desktop sudo: pam_unix(sudo:session): session opened for user root by user1(uid=1000)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
When power is reset Linux server sits at login prompt, want this to login automatical jenniekingsland Linux - Newbie 1 09-07-2010 08:29 AM
DNS Server not reachable from different subnet intermittently baps123 Linux - Server 4 08-28-2010 08:17 AM
Running an X server on an intermittently available 'client' machine? FifthColumnist Linux - Newbie 1 09-27-2007 02:45 AM
link dies intermittently-seemingly at random- between win<->linux not linux<->linux?? takahaya Linux - Networking 10 03-09-2007 11:37 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 08:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration