Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-3090: AIX login fails. Remote logins are not allowed for this account: "invalid user"

Centrify DirectControl ,  

27 July,16 at 06:22 PM

Applies to:

All versions of Centrify DirectControl on AIX
 
Problem: 
 
User accounts are not allowed to login through SSH even though the user is Zone-Enabled and has been assigned a Login Role.
 
/var/log/centrifydc.log contains:
 
Login restricted for Accountname: Remote logins are not allowed for this account. 
 
> input_userauth_request: invalid user Accountname [preauth] 
> Authentication failed for illegal user Accountname from XXXXX.XXXXX.COM

In addition, sshd log contains the following entry: 

> debug3: AIX/loginrestrictions returned -1 msg 3004-306 Remote logins are not allowed for this account

 
Cause:
 
rlogin was set to false globally (or for group) in /etc/security/user:
 
default: 
rlogin = false
 
Resolution:
 
Verify that the following setting is set to true for default or group in /etc/security/user:
 
default: 
rlogin = true
 
Note: This is not a Centrify setting and so the issue is not actually Centrify-related.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.