How to configure VM to allow Instant Access Single File Recovery when using 3rd party authentication
Description
When performing Instant Access Single File Recovery to a Linux VM using 3rd party authentication like SSSD or Centrify, you must configure VMware Tools to work with that 3rd party authentication.
1. Login to the Guest VM you are trying to restore to.
2. Review the /etc/pam.d/vmtoolsd
# cat /etc/pam.d/vmtoolsd#%PAM-1.0
auth sufficient pam_unix.so shadow
auth required pam_unix_auth.so shadow
account sufficient pam_unix.so
account required pam_unix_acct.so
3. Add the 3rd authentication to this file.
For example if using SSSD:
# cat /etc/pam.d/vmtoolsd#%PAM-1.0
auth sufficient pam_unix.so shadow
auth sufficient pam_sss.so
auth required pam_unix_auth.so shadow
account sufficient pam_unix.so
account sufficient pam_sss.so
account required pam_unix_acct.so
If using Centrify:
# cat /etc/pam.d/vmtoolsd#%PAM-1.0
auth required pam_shells.so
auth sufficient pam_centrifydc.so
auth sufficient pam_unix.so shadow
auth required pam_unix_auth.so shadow
auth sufficient pam_centrifydc.so
auth requisite pam_centrifydc.so deny
account required pam_shells.so
account sufficient pam_centrifydc.so
account sufficient pam_unix.so
account required pam_unix_acct.so