login to linux server using trusted AD

[mrsingh88]

HI

We have a set of linux server on OCI and two ADs (let us say X and Y)

There is a trust setup between X and Y.

All linux servers are integrated to Y domain. we are able to login to servers using users from Y domain. we want to eastablish login from user in X domain as well. which is not working. Ideally as there is a trust between X and Y, so it should work. We have same setup for windows as well where this works.

following some log snippets from /var/log/secure file when login is tried


Nov 28 13:34:14 <HOSTNAME> sshd[11844]: Invalid user <USER>@X.local from <IP> port 56610

Nov 28 13:34:14 <HOSTNAME> sshd[11844]: input_userauth_request: invalid user <USER>@X.local [preauth]

Nov 28 13:34:17 <HOSTNAME> sshd[11844]: Connection closed by <IP> port 56610 [preauth]

Nov 28 13:34:21 <HOSTNAME> sshd[11851]: Invalid user <USER>@X.local from <IP> port 56614

Nov 28 13:34:21 <HOSTNAME> sshd[11851]: input_userauth_request: invalid user <USER>@X.local [preauth]

Nov 28 13:34:36 <HOSTNAME> sshd[11851]: pam_faillock(sshd:auth): User unknown

Nov 28 13:34:36 <HOSTNAME> sshd[11851]: pam_unix(sshd:auth): check pass; user unknown

Nov 28 13:34:36 <HOSTNAME> sshd[11851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<IP>

Nov 28 13:34:38 <HOSTNAME> sshd[11851]: Failed password for invalid user <USER>@X.local from <IP> port 56614 ssh2

[tunk]

Spam?
Most likely a copy of this:
https://community.oracle.com/customerco ... trusted-ad

[TrevorH]

Well if it is then there is a compromise at a well known company (350,000+ employees) that has access to the email address associated with this account. I am unable to read that Oracle link - it asks me to login then when I do it tells me I'm not allowed to read it.