Applies To : All versions of Centrify DirectControl
Problem:
Users can login locally, but not over SSH. The error in the log is:
adclient[5370]: INFO AUDIT_TRAIL|Centrify Suite|Centrify sshd|1.0|101|SSHD denied|5|user=spadmin(type:ad,SPAdmin@XYZ.COM) pid=6610 utc=1474890765178 centrifyEventID=27101 status=DENIED service=ssh-connection tty=(no tty) authMechanism=password client=10.21.33.6 reason=AUTH_FAIL_PASSWD(invalid user or password.)
But neither user nor password is invalid and is happening on only one server.
Cause:
Debug log shows that Centrify's PAM module has not been called when the user try to ssh to server. In the file /etc/pam.d/system-auth, all the lines that has Centrify pam module entries were commented out.
Resolution:
Edit the file /etc/pam.d/system-auth to uncomment the following lines and save.