[Freeipa-users] Automount kerberos errors

[Dmitri Pal]

On 11/22/2011 02:46 PM, Sigbjorn Lie wrote:
> Hi,
>
> I have configured automount to use the hosts' kerberos keytab to speak
> GSSAPI with the IPA server, using the following as
> /etc/autofs_ldap_auth.conf:
>
> <?xml version="1.0" ?>
> <!--
> GENERATED BY CFENGINE
> -->
> <autofs_ldap_sasl_conf
>     usetls="no"
>     tlsrequired="no"
>     authrequired="autodetect"
>     authtype="GSSAPI"
>     clientprinc="host/redhat5.ix.test.com at IX.TEST.COM"
> />
>
>
> I get the following error messages in the log, once a day. It seem
> like the ticket expires before it's renewed. Has anyone else seen
> this? Or perhaps I should file a bug report on the automounter? I
> don't get this error message on Red Hat 6 clients.
>
> I also get the error where automount says sss is not a supported
> automount source, even though the ipa-client-install script configured
> nsswitch to look up automount in sss. I get this error message on both
> Red Hat 5 and Red Hat 6 machines. What's going on?
>
>
>
>
> Nov 20 15:49:15 redhat5 automount[26234]: ignored unsupported autofs
> nsswitch source "sss"


SSSD does not support automount integration yet.

> Nov 20 15:49:15 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 20 15:49:15 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 20 16:05:33 redhat5 automount[26234]: ignored unsupported autofs
> nsswitch source "sss"
> Nov 20 16:05:33 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 20 16:05:33 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 20 16:20:17 redhat5 automount[26234]: ignored unsupported autofs
> nsswitch source "sss"
> Nov 20 16:20:17 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 20 16:20:18 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 20 16:43:44 redhat5 automount[26234]: ignored unsupported autofs
> nsswitch source "sss"
> Nov 20 16:43:44 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 20 16:43:44 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 20 20:13:28 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 20 20:13:28 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 21 22:01:47 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 21 22:01:48 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 21 22:51:57 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 21 22:51:58 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 21 23:14:30 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 21 23:14:30 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
> Nov 22 20:36:34 redhat5 automount[26234]: sasl_log_func:100: No worthy
> mechs found
> Nov 22 20:36:34 redhat5 automount[26234]: sasl_log_func:100: GSSAPI
> Error: Unspecified GSS failure.  Minor code may provide more
> information (Ticket expired)
>
>
> Rgds,
> Siggi
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/