[Freeipa-users] sudo with freeIPA
Jakub Hrozek
jhrozek at redhat.com
Mon Aug 25 12:26:49 UTC 2014
On Mon, Aug 25, 2014 at 08:02:02AM -0400, Megan . wrote:
> Below is the output from the sss_<domain>.log when i ran the sudo
> command as the user. I see things about offline replies and LDAP not
> working. Is this my problem or is this part of a normal series of
> items that are tried?
>
>
> (Mon Aug 25 11:54:46 2014) [sssd[be[server.example.com]]]
> [be_resolve_server_process] (0x0200): Found address for server
> dir1.server.example.com: [10.10.26.148] TTL 7200
>
> (Mon Aug 25 11:54:46 2014) [sssd[be[server.example.com]]]
> [child_sig_handler] (0x0100): child [17823] finished successfully.
>
> (Mon Aug 25 11:54:46 2014) [sssd[be[server.example.com]]]
> [sdap_kinit_done] (0x0100): Could not get TGT: 14 [Bad address]
It appears your keytab is wrong. Can you run:
kinit -k
as root on that machine?
If you prepend KRB5_TRACE you will see a lot of debugging info.
More information about the Freeipa-users
mailing list