[Freeipa-users] (no subject)

Михаил А avdusheff at gmail.com
Fri Oct 11 09:22:22 UTC 2013


Good afternoon. In each region, I have a couple of controllers (Windows and
IPA). During authorization, in the IPA server logs (sssd log) I find that
the request goes not to the Windows server that is its neighbor by location,
but randomly throughout the forest. Tell me, is there a way to explicitly
specify the IPA server on the Windows DC? Logs attached.
Is there documentation about this somewhere?


Next to the IPA server is pk529ad-dc01.sys.local,
and the IPA server knocks on pk429ad-dc01.sys.local in another region.
-------------- next part --------------
[sssd[be[ipa.sys.local]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=vccs]
[sssd[be[ipa.sys.local]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'sys.local'
[sssd[be[ipa.sys.local]]] [resolve_srv_send] (0x0200): The status of SRV lookup is neutral
[sssd[be[ipa.sys.local]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._tcp.sys.local'
[sssd[be[ipa.sys.local]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'pk429ad-dc01.sys.local' in files
[sssd[be[ipa.sys.local]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'pk429ad-dc01.sys.local' in files
[sssd[be[ipa.sys.local]]] [resolv_gethostbyname_next] (0x0200): No more address families to retry
[sssd[be[ipa.sys.local]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'pk429ad-dc01.sys.local' in DNS
[sssd[be[ipa.sys.local]]] [fo_resolve_service_timeout] (0x0080): Service resolving timeout reached
[sssd[be[ipa.sys.local]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error])
[sssd[be[ipa.sys.local]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks.
[sssd[be[ipa.sys.local]]] [ipa_get_ad_acct_ad_part_done] (0x0040): AD lookup failed: 11
[sssd[be[ipa.sys.local]]] [ipa_account_info_error_text] (0x0020): Bug: dp_error is OK on failed request
[sssd[be[ipa.sys.local]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,11,Account info lookup failed
[sssd[be[ipa.sys.local]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.IPA.SYS.LOCAL], [2][No such file or directory]
-------------- next part --------------
WINDOWS

[root@pk529ipa01 ~]# dig SRV _ldap._tcp.sys.local

; <<>> DiG 9.9.3-rl.13207.22-P2-RedHat-9.9.3-5.P2.fc19 <<>> SRV _ldap._tcp.sys.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30812
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 15

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;_ldap._tcp.sys.local.          IN      SRV

;; ANSWER SECTION:
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk529ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk329ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 p0029ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk529ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk229ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk429ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk329ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk629ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 p0029ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk729ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk729ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk629ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk429ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk229ad-dc02.sys.local.

;; ADDITIONAL SECTION:
pk529ad-dc02.sys.local. 3600    IN      A       172.21.167.135
pk329ad-dc02.sys.local. 1200    IN      A       172.21.71.135
p0029ad-dc02.sys.local. 3600    IN      A       192.168.226.61
pk529ad-dc01.sys.local. 3600    IN      A       172.21.167.134
pk229ad-dc01.sys.local. 3600    IN      A       172.21.7.134
pk429ad-dc02.sys.local. 3600    IN      A       172.21.135.135
pk329ad-dc01.sys.local. 3600    IN      A       172.21.71.134
pk629ad-dc01.sys.local. 3600    IN      A       172.21.39.134
p0029ad-dc01.sys.local. 3600    IN      A       192.168.226.60
pk729ad-dc01.sys.local. 3600    IN      A       172.21.103.134
pk729ad-dc02.sys.local. 3600    IN      A       172.21.103.135
pk629ad-dc02.sys.local. 3600    IN      A       172.21.39.135
pk429ad-dc01.sys.local. 3600    IN      A       172.21.135.134
pk229ad-dc02.sys.local. 3600    IN      A       172.21.7.135

;; Query time: 8 msec
;; SERVER: 172.21.167.134#53(172.21.167.134)
;; WHEN: Fri Oct 11 13:21:05 MSK 2013
;; MSG SIZE  rcvd: 861



IPA

[root@pk529ipa01 ~]# dig SRV _ldap._tcp.ipa.sys.local

; <<>> DiG 9.9.3-rl.13207.22-P2-RedHat-9.9.3-5.P2.fc19 <<>> SRV _ldap._tcp.ipa.sys.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22486
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;_ldap._tcp.ipa.sys.local.      IN      SRV

;; ANSWER SECTION:
_ldap._tcp.ipa.sys.local. 77052 IN      SRV     0 100 389 p0129ipa02.ipa.sys.local.
_ldap._tcp.ipa.sys.local. 77052 IN      SRV     0 100 389 p0029ipa01.ipa.sys.local.
_ldap._tcp.ipa.sys.local. 77052 IN      SRV     0 100 389 p0129ipa01.ipa.sys.local.
_ldap._tcp.ipa.sys.local. 77052 IN      SRV     0 100 389 p0029ipa02.ipa.sys.local.

;; ADDITIONAL SECTION:
p0129ipa02.ipa.sys.local. 1182  IN      A       10.65.1.199
p0029ipa01.ipa.sys.local. 1182  IN      A       192.168.226.62
p0129ipa01.ipa.sys.local. 1182  IN      A       10.65.1.198
p0029ipa02.ipa.sys.local. 1182  IN      A       192.168.226.63

;; Query time: 5 msec
;; SERVER: 172.21.167.134#53(172.21.167.134)
;; WHEN: Fri Oct 11 13:21:39 MSK 2013
;; MSG SIZE  rcvd: 293
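
Why the lookups spread across the forest, as an added example that is not part of the original post: all 14 SRV targets returned for _ldap._tcp.sys.local share priority 0 and weight 100, so a client that orders them per RFC 2782 tries a DC in its own region first only 1 time in 7. Two assumptions are made here: that the client follows RFC 2782 ordering, and that the hostname part before "ad-" names the region (the hypothetical helper `site_prefix`).

```python
import re
from collections import defaultdict
from fractions import Fraction

# ANSWER section copied from the dig output for _ldap._tcp.sys.local in the post.
DIG_ANSWER = """\
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk529ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk329ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 p0029ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk529ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk229ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk429ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk329ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk629ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 p0029ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk729ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk729ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk629ad-dc02.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk429ad-dc01.sys.local.
_ldap._tcp.sys.local.   600     IN      SRV     0 100 389 pk229ad-dc02.sys.local.
"""
SRV_RE = re.compile(r"\sIN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$")

def parse_srv(text):
    """Return (priority, weight, port, target) tuples from dig answer lines."""
    matches = (SRV_RE.search(line.strip()) for line in text.splitlines())
    return [(int(m[1]), int(m[2]), int(m[3]), m[4].rstrip(".")) for m in matches if m]

def first_choice_probability(records):
    """RFC 2782: lowest priority wins; within it the first pick is weight-proportional."""
    best = min(r[0] for r in records)
    group = [r for r in records if r[0] == best]
    total = sum(r[1] for r in group)
    return {r[3]: Fraction(r[1], total) if total else Fraction(1, len(group)) for r in group}

def site_prefix(target):
    """Assumption: the hostname part before 'ad-' is the region (pk529ad-dc01 -> pk529)."""
    return target.split("ad-", 1)[0]

def probability_by_site(records, site_of=site_prefix):
    """Sum the first-choice probability of every target in the same region."""
    by_site = defaultdict(Fraction)
    for target, p in first_choice_probability(records).items():
        by_site[site_of(target)] += p
    return dict(by_site)

if __name__ == "__main__":
    for site, p in sorted(probability_by_site(parse_srv(DIG_ANSWER)).items()):
        print(f"{site}: {p} ({float(p):.0%})")
```

Feeding the parser a record set in which only the nearby DCs carry a lower priority value shows the first pick collapsing onto that region.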





