[Freeipa-users] Server randomly will stop accepting krb requests
Alexander Bokovoy
abokovoy at redhat.com
Mon Sep 30 17:19:49 UTC 2013
On Mon, 30 Sep 2013, Andrew Tranquada wrote:
>Thanks for the response
>I did look in /var/log/slapd-PKI* or slapd-<DOMAIN> (I guess I was not
>too clear I did that in my email) in those logs the last thing in that
>log is from Sep 18
>
>From /var/log/dirsrv/slapd-EXAMPLE-COM/errors:
>
>[18/Sep/2013:01:09:34 -0400] slapd_ldap_sasl_interactive_bind - Error:
>could not perform interactive bind for id [] mech [GSSAPI]: LDAP error
>-2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified
>GSS failure. Minor code may provide more information (KDC returned
>error string: PROCESS_TGS)) errno 2 (No such file or directory)
>
>That is all, the items before that time are addition/deletion of
>entries which is normal.
'PROCESS_TGS' error message most likely means that ns-slapd failed to
serve a query from KDC's database driver and disappeared, thus breaking
unix domain socket that the driver was using to communicate with
ns-slapd (we see it with 'errno 2 (No such file or directory)' error
message).
As Rob said, there should be ns-slapd core somewhere that should tell
where it crashed.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list