How to configure VM to allow Instant Access Single File Recovery when using 3rd party authentication
Description
When performing Instant Access Single File Recovery to a Linux VM using 3rd party authentication like SSSD or Centrify, you must configure VMware Tools to work with that 3rd party authentication.
1. Login to the Guest VM you are trying to restore to.
2. Review the /etc/pam.d/vmtoolsd
# cat /etc/pam.d/vmtoolsd#%PAM-1.0
auth sufficient pam_unix.so shadow
auth required pam_unix_auth.so shadow
account sufficient pam_unix.so
account required pam_unix_acct.so
3. Add the 3rd authentication to this file.
For example if using SSSD:
# cat /etc/pam.d/vmtoolsd#%PAM-1.0
auth sufficient pam_unix.so shadow
auth sufficient pam_sss.so
auth required pam_unix_auth.so shadow
account sufficient pam_unix.so
account sufficient pam_sss.so
account required pam_unix_acct.so
If using Centrify:
# cat /etc/pam.d/vmtoolsd#%PAM-1.0
auth required pam_shells.so
auth sufficient pam_centrifydc.so
auth sufficient pam_unix.so shadow
auth required pam_unix_auth.so shadow
auth sufficient pam_centrifydc.so
auth requisite pam_centrifydc.so deny
account required pam_shells.so
account sufficient pam_centrifydc.so
account sufficient pam_unix.so
account required pam_unix_acct.so
References
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.