PAMSC : 14.1
OS : Redhat 7.9
Domain Users (DOMAIN\user1) are using RSH to access Redhat Linux Servers.
Although "id" and "whoami" command returns the Domain user identity, "sewhoami" is returning "root".
Release : 14.1
OS : Redhat 7.9
PAMSC was not capturing the login correctly due to the "Login flags" configuration was set to "none".
Data for LOGINAPPL 'RSH'
-----------------------------------------------------------
Defaccess : X
Audit mode : Failure
Comment : Predefined rule for Login application.
Login flags : None
Login method : Normal
Login path : /usr/sbin/in.rshd
Login sequence : SGID, SUID
Data for LOGINAPPL 'RLOGIN'
-----------------------------------------------------------
Defaccess : X
Audit mode : Failure
Comment : Predefined rule for Login application.
Login flags : None
Login method : Normal
Login path : /usr/sbin/in.rlogind
Login sequence : SGRP, SUID
Changed "Login flags" from "none" to "PAM login" and correctly detects the user identity.