User not known to the underlying authentication module

sudheshpn · 05-11-2020, 11:05 AM

I am seeing the below error in my remote machine while i execute a command from my source server. Any clue what could be wrong

==> /var/log/secure <==
May 11 15:31:27 umems701 sudo: pam_unix(sudo:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=olcne
May 11 15:31:27 umems701 sudo: pam_sss(sudo:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=olcne
May 11 15:31:27 umems701 sudo: pam_sss(sudo:auth): received for user olcne: 10 (User not known to the underlying authentication module)

sudheshpn · 05-11-2020, 11:07 AM

password-auth-ac

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 900 quiet
auth [default=1 ignore=ignore success=ok] pam_localuser.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 900 quiet_success
auth sufficient pam_sss.so forward_pass
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so

account required pam_unix.so broken_shadow
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 900 quiet
account [default=bad success=ok user_unknown=ignore] pam_sss.so
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so

password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient pam_sss.so use_authtok
password sufficient pam_ldap.so use_authtok

password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session optional pam_sss.so
session optional pam_ldap.so

ondoho · 05-12-2020, 01:17 AM

https://duckduckgo.com/?q=linux+ssh+...ication+module

Madgwick · 05-16-2020, 05:28 AM

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization.

ondoho · 05-16-2020, 05:38 AM

Quote:

Originally Posted by Madgwick

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization.

Searched for the first sentence enclosed in double quotes - once again, we have a copypasta spammer.
Why do they do this???
Anyhow, reported.