Open InformTechPro opened 2 years ago
@InformTechPro it is a message logged by system, since /etc/pam.d/omi
sets omi user as a nologin user, that means no one should login as omi user. The message means someone want to login with omi user and system logs it.
@JumpingYang001 Do we have any option(s) to trace which service triggers the operation?
@InformTechPro need some time to investigate, if find something will update you, thanks.
@JumpingYang001 We deleted/commented the line:”account required pam_nologin.so” in /etc/pam.d/omi. No longer seeing “pam_lologin(omi:account)” messages generated in /var/log/secure log, but continue to monitor.
Red Hat 7.9 servers are logging "omiserver pam_nologin(omiaccount): conversation failed" and "pam_nologin(omiaccount):conversation failed errors. The errors reference omiserver processname and authpriv facility. Please help clarify the impact of the error on omi functionality as well as corrective function to address the error. We checked /etc/pam.conf configuration file, but it's blank.