[Samba] sssd problems after dc1 is no longer online

mourik jan heupink - merit heupink at merit.unu.edu
Fri Jul 25 03:27:23 MDT 2014


Hi Rowland,

>
> I have removed a few lines for clarity, but it would seem that sssd
> cannot bind to x.y.143.15 and it cannot find x.y.143.16.
>
> If you go further down in the log it shows that both servers are
> offline, so I think before you go any further that these problems need
> to be fixed.
Yep, I saw those lines, but the servers are NOT offline: I can connect 
to both them. However: the x.y.143.16 is a kvm virtual machine running 
on the same host, so perhaps there are routing issues there, but the .15 
can be reached for sure from that machine.

And generally: I have posted a mail on 9:59 today on this list that when 
using kinit and klist, things seem to work ok.


> What is in /etc/krb5.conf and /etc/resolv.conf on the client ?

root at epo:~# cat /etc/resolv.conf
nameserver x.y.143.15
nameserver x.y.143.16
root at epo:~# cat /etc/krb5.conf
[libdefaults]
	default_realm = SAMBA.COMPANY.COM
	dns_lookup_realm = true
	dns_lookup_kdc = true
root at epo:~#

I'm also in discussion with Stefan from sernet support, as it seems that 
some dns entries for dc3 (x.y.143.16) are missing. Perhaps that explains 
these issues as well. I guess that should be sorted first.

However, given the fact that kinit/klist both work from this server, I'm 
surprised that sssd doesn't work. Also the rest of our AD seems to work 
perfectly, so there are no major issues.

MJ

>
> Rowland
>


More information about the samba mailing list