Trying to troubleshoot a user who is unable to log into our server from a client. Client is bound to server and other users can authenticate.
ApplePasswordServer.Server.log says the following when user in question tries to log in from a terminal:
Jul 26 2009 17:42:26 AUTH2: {0x473633ea7bc7fcaa0000000553400871, jeffb} DIGEST-MD5 authentication succeeded.
Jul 26 2009 17:42:26 AUTH2: {0x473633ea7bc7fcaa0000000553400871, jeffb} DIGEST-MD5 authentication succeeded.
Jul 26 2009 17:42:26 GETPOLICY: user {0x473633ea7bc7fcaa0000000553400871, jeffb}.
Jul 26 2009 17:42:31 KERBEROS-LOGIN-CHECK: user {0x473633ea7bc7fcaa0000000553400871, jeffb} is in good standing.
Jul 26 2009 17:42:31 KERBEROS-LOGIN-CHECK: user {0x473633ea7bc7fcaa0000000553400871, jeffb} authentication succeeded.
Jul 26 2009 17:42:31 AUTH2: {0x473633ea7bc7fcaa0000000553400871, jeffb} DIGEST-MD5 authentication succeeded.
Jul 26 2009 17:42:31 AUTH2: {0x473633ea7bc7fcaa0000000553400871, jeffb} DIGEST-MD5 authentication succeeded.
We are immediately kicked out with rather abrupt response:
macx42:~ weston$ ssh jeffb@xserver
Password:
Connection closed by 10.0.1.32
Edit: We have tried changing the user's password with Workgroup Manager to no avail...
Edit 2: Responding to comment...I DO see the failed attempt logged in /var/log/secure.log:
Jul 26 17:42:23 xserver sshd[498]: /etc/sshd_config line 70: Unsupported option KerberosGetAFSToken
Jul 26 17:42:26 xserver com.apple.SecurityServer[34]: checkpw() succeeded, creating credential for user jeffb
Jul 26 17:42:26 xserver com.apple.SecurityServer[34]: checkpw() succeeded, creating shared credential for user jeffb
Jul 26 17:42:26 xserver com.apple.SecurityServer[34]: Succeeded authorizing right system.login.tty by client /usr/sbin/sshd for au
thorization created by /usr/sbin/sshd.
Jul 26 17:42:26 xserver sshd[498]: error: PAM: User account has expired for jeffb from bigmac.demetrioi.com
Jul 26 17:42:31 xserver com.apple.SecurityServer[34]: checkpw() succeeded, creating credential for user jeffb
Jul 26 17:42:31 xserver com.apple.SecurityServer[34]: checkpw() succeeded, creating shared credential for user jeffb
Jul 26 17:42:31 xserver com.apple.SecurityServer[34]: Succeeded authorizing right system.login.tty by client /usr/sbin/sshd for au
thorization created by /usr/sbin/sshd.
Jul 26 17:42:31 xserver sshd[498]: Failed password for jeffb from 10.0.1.201 port 54698 ssh2
Edit 3 - Results of dirt:
xserver:~ weston$ dirt -u jeffb -p ********
Call to dsGetRecordList returned count = 1 with Status : eDSNoErr : (0)
Call to checkpw(): Success
path: /LDAPv3/127.0.0.1
Username: jeffb
Password: ********
Success