Applies To : All versions of Centrify DirectControl
Users can login locally, but not over SSH. The error in the log is:
adclient: INFO AUDIT_TRAIL|Centrify Suite|Centrify sshd|1.0|101|SSHD denied|5|user=spadmin(type:ad,SPAdmin@XYZ.COM) pid=6610 utc=1474890765178 centrifyEventID=27101 status=DENIED service=ssh-connection tty=(no tty) authMechanism=password client=10.21.33.6 reason=AUTH_FAIL_PASSWD(invalid user or password.)
But neither user nor password is invalid and is happening on only one server.
Debug log shows that Centrify's PAM module has not been called when the user try to ssh to server. In the file /etc/pam.d/system-auth, all the lines that has Centrify pam module entries were commented out.
Edit the file /etc/pam.d/system-auth to uncomment the following lines and save.