<html dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=Windows-1252"> <style>  </style><style id="owaParaStyle" type="text/css">P {margin-top:0;margin-bottom:0;}</style> </head> <body ocsi="0" fpstyle="1" lang="EN-US" link="blue" vlink="purple"> <div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">Hi,<br> <br> Check your GSSAPIAuthentication settings in sshd.conf and restart sshd:<br> <br> GSSAPIAuthentication yes<br> GSSAPICleanupCredentials yes<br> <br> Last week I had some replication problems between replicas which were fixed after re-enabling GSSAPI.<br> <div><br> <div style="font-family:Tahoma; font-size:13px"> <div style="font-family:Tahoma; font-size:13px"> <div style="font-family:Tahoma; font-size:13px">Regards,<br> Suhail Choudhury.<br> <b>DevOps | Recommendations Team | BSkyB</b><br> <br> </div> </div> </div> </div> <div style="font-family: Times New Roman; color: #000000; font-size: 16px"> <hr tabindex="-1"> <div style="direction: ltr;" id="divRpF850262"><font color="#000000" face="Tahoma" size="2"><b>From:</b> freeipa-users-bounces@redhat.com [freeipa-users-bounces@redhat.com] on behalf of Joseph, Matthew (EXP) [matthew.joseph@lmco.com]<br> <b>Sent:</b> 28 July 2014 17:46<br> <b>To:</b> freeipa-users@redhat.com<br> <b>Subject:</b> [Freeipa-users] IPA Replica Issues<br> </font><br> </div> <div></div> <div> <div class="WordSection1"> <p class="MsoNormal">Hello,</p> <p class="MsoNormal"> </p> <p class="MsoNormal">I’m currently running into some issues with my replica server.</p> <p class="MsoNormal">I noticed it wasn’t getting any updates from the master server so I tried to do a force-sync but it states that it is an “invalid password” which I know it is not the case.</p> <p class="MsoNormal"> </p> <p class="MsoNormal">I tried doing an ipa-replica-manager list replica_server but it gives me the SASL(-13) authentication failure: GSSAPI Failure: gss_accept_sec_context, ‘desc’ Invalid Credentials</p> <p class="MsoNormal"> </p> <p class="MsoNormal">I’ve tried doing a kdestroy and have it prompt me for the password but again, same error.</p> <p class="MsoNormal"> </p> <p class="MsoNormal">Any idea what this would be?</p> <p class="MsoNormal"><br> Thanks,</p> <p class="MsoNormal"> </p> <p class="MsoNormal">Matt</p> </div> </div> </div> </div> Information in this email including any attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received it in error, please notify the sender by return e-mail and delete it from your system. You should not reproduce, distribute, store, retransmit, use or disclose its contents to anyone. Please note we reserve the right to monitor all e-mail communication through our internal and external networks. SKY and the SKY marks are trademarks of British Sky Broadcasting Group plc and Sky International AG and are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky-In-Home Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration No. 2247735). All of the companies mentioned in this paragraph are incorporated in England and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD. </body> </html>