Troubleshoot Logon Issues with Systems
Solve Logon Problems from Windows
To troubleshoot a problem with a user who cannot log on a to Linux or Unix computer, perform the following series of diagnostic tests sequentially.
- On a Windows computer, log off and then log on again with the problem user's AD credentials to verify that the password is correct and that the account is not locked or disabled.
- Try to SSH to the target Linux or Unix computer again with the user's full NT4-style credentials and password, not just the user's alias. In your SSH command, make sure to use a slash character to escape the slash.
- If you are using AD Bridge Enterprise, make sure that the user's computer is in the correct AD Bridge cell.
- Make sure that the user is enabled to log on the computer, either by being enabled in the cell (with AD Bridge Enterprise) or by being in a group allowed to access the computer. Then try to log on the target computer again.
- Ensure that the AD Bridge Enterprise client can communicate with the Active Directory domain controller.
- Make sure that the shell specified for the user account in Active Directory is available on the target computer. Specifying a shell that is unavailable will block the user account from logging on.
- Verify that the home directory is set and can be created. A home directory that cannot be created because the path is incorrect or the permissions are insufficient can block an attempt to log on.
- Make sure there are no logon restrictions in place, for example, the Group Policy setting that restricts logon to certain users or groups, that prevents the user account from logging on the computer.
- Log on the computer with a different user account, and that is enabled for access to the computer.
Issues with 32-bit CPU Systems
If users are running a 32-bit CPU system, they need to make the following changes in order to do a domain join or to authenticate properly with AD Bridge:
- Stop the lwsmd service: systemctl stop lwsmd.
- Edit the /usr/lib/systemd/system/lwsmd.service file and add TasksMax=infinity.
- Start the lwsmd service if it isn't running: systemctl start lwsmd.
- Reload the daemon: systemctl daemon-reload.
- Reboot the machine.