[Samba] sssd problems after dc1 is no longer online
Rowland Penny
rowlandpenny at googlemail.com
Fri Jul 25 04:14:24 MDT 2014
On 25/07/14 10:27, mourik jan heupink - merit wrote:
> Hi Rowland,
>
>>
>> I have removed a few lines for clarity, but it would seem that sssd
>> cannot bind to x.y.143.15 and it cannot find x.y.143.16.
>>
>> If you go further down in the log it shows that both servers are
>> offline, so I think before you go any further that these problems need
>> to be fixed.
> Yep, I saw those lines, but the servers are NOT offline: I can connect
> to both them. However: the x.y.143.16 is a kvm virtual machine running
> on the same host, so perhaps there are routing issues there, but the
> .15 can be reached for sure from that machine.
>
> And generally: I have posted a mail on 9:59 today on this list that
> when using kinit and klist, things seem to work ok.
>
>
>> What is in /etc/krb5.conf and /etc/resolv.conf on the client ?
>
> root at epo:~# cat /etc/resolv.conf
> nameserver x.y.143.15
> nameserver x.y.143.16
> root at epo:~# cat /etc/krb5.conf
> [libdefaults]
> default_realm = SAMBA.COMPANY.COM
> dns_lookup_realm = true
> dns_lookup_kdc = true
> root at epo:~#
>
> I'm also in discussion with Stefan from sernet support, as it seems
> that some dns entries for dc3 (x.y.143.16) are missing. Perhaps that
> explains these issues as well. I guess that should be sorted first.
>
> However, given the fact that kinit/klist both work from this server,
> I'm surprised that sssd doesn't work. Also the rest of our AD seems to
> work perfectly, so there are no major issues.
>
> MJ
>
>>
>> Rowland
>>
What I was trying to get at was, as far as sssd is concerned, the two
machines are offline, one because the sasl bind fails and the other
because sssd cannot find it. I would also think that even if sssd could
find the second machine the sasl bind would fail, just like the first.
Rowland
More information about the samba
mailing list