This repository was archived by the owner on May 2, 2024. It is now read-only.
Login fails #420
Description
Is there an existing issue for this?
- I have searched the existing issues and found none that matched mine
Describe the issue
I have installed libpam-aad and libnss-aad and configured the app_id and tenant_id in aad.conf, but the login doesn't work.
Steps to reproduce it
- Go to Ubuntu login
- Enter azure ad login (lowercase)
- Enter password
- Login failed
Ubuntu users: System information and logs
libnss_report.txt
libpam_report.txt
Non Ubuntu users: System information and logs
Environment
- aad-auth version: 0.5.2
- Distribution: Ubuntu
- Distribution version: 23.10
Log files
Please redact/remove sensitive information:
Dec 19 16:18:30 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): aad auth debug enabled
Dec 19 16:18:30 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): PAM AAD DEBUG enabled
Dec 19 16:18:30 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Loading configuration from /etc/aad.conf
Dec 19 16:18:30 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Connecting to "https://login.microsoftonline.com/7dc146bd-2748-4f55-a91b-6959e70f2a90", with clientID "c7e4dc0f-9e0c-4b2d-9cc8-3c08b7fd2663" for user "wojciech.turowicz@surveily.com"
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Authentication successful even if requiring MFA
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Cache initialization
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Opening cache in /var/lib/aad/cache
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): check file permissions on /var/lib/aad/cache/shadow.db
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): check file permissions on /var/lib/aad/cache/passwd.db
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Shadow db mode: 2
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Cleaning up db. Removing entries that last authenticated online more than 180 days ago
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): getting user information from cache for "wojciech.turowicz@surveily.com"
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): encrypt password for user "wojciech.turowicz@surveily.com"
Dec 19 16:18:33 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): updating from last online login information for user "wojciech.turowicz@surveily.com"
Dec 19 16:18:34 surveily-wt-04 gdm-password][26054]: pam_aad(gdm-password:auth): Close database request
Application settings
Please redact/remove sensitive information:
tenant_id = 7dc146bd-2748-4f55-a91b-6959e70f2a90
app_id = c7e4dc0f-9e0c-4b2d-9cc8-3c08b7fd2663
Relevant information
I install the pam and nss libraries from apt.
Double check your logs
- I have redacted any sensitive information from the logs