Authorization problem

Forums / NoMachine for Linux / Authorization problem

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #26137
    Avatarmrosing
    Participant

    I have a machine running Ubuntu 18.04 on both client and server.  The client reports authorization failure and won’t connect.  If I run

    $ /usr/NX/bin/nxexec –auth

    This happens:
    Username:mrosing
    Please wait…
    Please wait…
    Please wait…
    ERROR: Internal exception.
    28560 28560 08:07:29 918 nxexecPAMCheckCredentials: ERROR!Authentication failed with error 7.

    Nothing shows up in any log files (that I’m aware of).   How can I debug this?

    Thanks.

    #26159
    Avatarmrosing
    Participant

    I found a couple of things: https://www.nomachine.com/AR08M00857  and https://www.nomachine.com/DT10O00162.  I’ll see what I can come up with based on this.

    #26311
    AvatarCato
    Contributor

    Hello mrosing,

    The error means that some internal PAM module failure occured. PAM errors are usually written to /var/log/auth.log on Ubuntu host. Please, check if you can find anything useful there. Can you share the output of ‘grep -r “nxexec” /var/log/auth.log’?
    You can also try modifying PAM configuration for NX protocol authentication, residing in /etc/pam.d/nx file. If the problem doesn’t occur when SSH protocol is in use, you can try to reuse SSH PAM configuration with NX. You can achieve that by running as root:

    cp /etc/pam.d/nx /etc/pam.d/nx.ori

    cp /etc/pam.d/sshd /etc/pam.d/nx

    Let us know if this solves the issue.

    #26326
    Avatarmrosing
    Participant

    Our IT guys dug into the pam.d directory and found several configuration problems.  The nx file was definitely one of them:

    “It looks like /etc/pam.d/nx was missing some settings to allow nxexec to bypass MFA”  It took a few tries and a reboot, but they got it working.  I’m not exactly sure what they did, but it now works and all is well!  Thanks!

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.