Article Content
Article Number | 000038367 |
Applies To | RSA Product Set: SecurID RSA Product/Service Type: Authentication Agent for PAM |
Issue |
|
Cause | The RSA Authentication Agent for PAM uses the getgrent() system call to return the group membership. If Winbind is not configured properly, the system call returns an empty list. You can test this using the command getent group <group_name>. A working configuration looks something like the example below:
A failed configuration returns the ad_group value but not the users, as shown:
|
Resolution | Configuration changes must be made to Winbind for the group membership to return correctly. Follow the steps below:
|