[Freeipa-users] Cross domain trust
Steve Dainard
sdainard at miovision.com
Thu Feb 6 15:18:36 UTC 2014
So I've completed the setup, and can see the trust on the Windows side.
I've joined a client to the IPA realm, and can login with a IPA user. When
I try to login (console, ssh, su -) as a domain user I get:
--------CLIENT SIDE--------
[root at rhel6-client ~]# su - sdainard at miovision
su: user sdainard at miovision does not exist
[root at rhel6-client ~]# su - sdainard at MIOVISION.CORP
su: user sdainard at MIOVISION.CORP does not exist
[root at rhel6-client ~]# su - sdainard at miovision.corp
su: user sdainard at miovision.corp does not exist
[root at rhel6-client ~]# ssh sdainard at miovision@localhost
sdainard at miovision@localhost's password:
Permission denied, please try again.
/var/log/secure:
Feb 6 10:13:06 rhel6 sshd[2435]: pam_unix(sshd:auth): check pass; user
unknown
Feb 6 10:13:06 rhel6 sshd[2435]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost
Feb 6 10:13:09 rhel6 sshd[2435]: pam_succeed_if(sshd:auth): error
retrieving information about user sdainard at miovision
Feb 6 10:13:10 rhel6 sshd[2435]: Failed password for invalid user
sdainard at miovision from ::1 port 47391 ssh2
Feb 6 10:13:20 rhel6 sshd[2436]: Connection closed by ::1
Feb 6 10:13:25 rhel6 sshd[2709]: Invalid user sdainard at miovision from ::1
Feb 6 10:13:25 rhel6 sshd[2710]: input_userauth_request: invalid user
sdainard at miovision
Feb 6 10:13:36 rhel6 sshd[2709]: pam_unix(sshd:auth): check pass; user
unknown
Feb 6 10:13:36 rhel6 sshd[2709]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost
Feb 6 10:13:38 rhel6 sshd[2709]: pam_succeed_if(sshd:auth): error
retrieving information about user sdainard at miovision
Feb 6 10:13:40 rhel6 sshd[2709]: Failed password for invalid user
sdainard at miovision from ::1 port 47417 ssh2
No logs for sssd;
# pwd
/var/log/sssd
[root at snapshot-test sssd]# ll
total 0
-rw-------. 1 root root 0 Feb 5 17:38 krb5_child.log
-rw-------. 1 root root 0 Feb 5 17:38 ldap_child.log
-rw-------. 1 root root 0 Feb 5 17:37 sssd.log
-rw-------. 1 root root 0 Feb 5 17:38 sssd_miolinux.corp.log
-rw-------. 1 root root 0 Feb 5 17:38 sssd_nss.log
-rw-------. 1 root root 0 Feb 5 17:38 sssd_pac.log
-rw-------. 1 root root 0 Feb 5 17:38 sssd_pam.log
-rw-------. 1 root root 0 Feb 5 17:38 sssd_ssh.log
/etc/sssd/sssd.conf:
[domain/miolinux.corp]
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = miolinux.corp
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = rhel6-client.miolinux.corp
chpass_provider = ipa
ipa_server = _srv_, ipa1.miolinux.corp
ldap_tls_cacert = /etc/ipa/ca.crt
[sssd]
services = nss, pam, ssh
config_file_version = 2
domains = miolinux.corp
[nss]
[pam]
[sudo]
[autofs]
[ssh]
[pac]
/etc/ipa/default.conf
#File modified by ipa-client-install
[global]
basedn = dc=miolinux,dc=corp
realm = MIOLINUX.CORP
domain = miolinux.corp
server = ipa1.miolinux.corp
xmlrpc_uri = https://ipa1.miolinux.corp/ipa/xml
enable_ra = True
------------ IPA SERVER SIDE --------------
/var/log/dirsrv/slapd-MIOLINUX-CORP/access
* no new entries *
/var/log/dirsrv/slapd-MIOLINUX-CORP/errors
* no new entries *
/var/log/krb5kdc.log when I attempt to su - sdainard at miovision
Feb 06 10:08:25 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:08:25 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699305, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:08:26 ipa1.miolinux.corp krb5kdc[7689](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699305, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:08:26 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:08:26 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699306, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:08:27 ipa1.miolinux.corp krb5kdc[7688](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699306, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:08:27 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:08:27 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699307, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:08:27 ipa1.miolinux.corp krb5kdc[7690](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699307, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:08:28 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:08:28 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699308, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:08:28 ipa1.miolinux.corp krb5kdc[7689](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699308, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
/var/logkrb5kdc.log when I attempt ssh:
Feb 06 10:13:21 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:21 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699601, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:22 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699601, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:22 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:22 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699602, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:23 ipa1.miolinux.corp krb5kdc[7690](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699602, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:23 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:23 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699603, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:24 ipa1.miolinux.corp krb5kdc[7688](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699603, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:24 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:24 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699604, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:25 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699604, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:25 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: UNKNOWN_SERVER: authtime 0,
sdainard at MIOVISION.CORP for host/localhost at MIOLINUX.CORP, Server not found
in Kerberos database
Feb 06 10:13:25 ipa1.miolinux.corp krb5kdc[7687](info): closing down fd 10
Feb 06 10:13:25 ipa1.miolinux.corp krb5kdc[7689](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: UNKNOWN_SERVER: authtime 0,
sdainard at MIOVISION.CORP for host/localhost at MIOLINUX.CORP, Server not found
in Kerberos database
Feb 06 10:13:25 ipa1.miolinux.corp krb5kdc[7689](info): closing down fd 10
Feb 06 10:13:26 ipa1.miolinux.corp krb5kdc[7690](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: UNKNOWN_SERVER: authtime 0,
sdainard at MIOVISION.CORP for host/localhost at MIOLINUX.CORP, Server not found
in Kerberos database
Feb 06 10:13:26 ipa1.miolinux.corp krb5kdc[7690](info): closing down fd 10
Feb 06 10:13:30 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:30 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699610, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:30 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699610, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:31 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:31 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699611, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:31 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699611, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:32 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:32 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699612, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:32 ipa1.miolinux.corp krb5kdc[7689](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699612, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:32 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:32 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699612, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:33 ipa1.miolinux.corp krb5kdc[7690](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699612, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:33 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:33 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699613, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:34 ipa1.miolinux.corp krb5kdc[7688](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699613, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:34 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:34 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699614, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:34 ipa1.miolinux.corp krb5kdc[7689](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699614, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:34 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:34 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699614, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:35 ipa1.miolinux.corp krb5kdc[7688](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699614, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:35 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:35 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699615, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:36 ipa1.miolinux.corp krb5kdc[7689](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699615, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:36 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:36 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699616, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:36 ipa1.miolinux.corp krb5kdc[7688](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699616, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:36 ipa1.miolinux.corp krb5kdc[7687](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:36 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699616, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:37 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699616, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:37 ipa1.miolinux.corp krb5kdc[7690](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:37 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699617, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:38 ipa1.miolinux.corp krb5kdc[7690](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699617, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
Feb 06 10:13:38 ipa1.miolinux.corp krb5kdc[7689](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: NEEDED_PREAUTH:
host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP, Additional pre-authentication required
Feb 06 10:13:38 ipa1.miolinux.corp krb5kdc[7688](info): AS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699618, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
krbtgt/MIOLINUX.CORP at MIOLINUX.CORP
Feb 06 10:13:38 ipa1.miolinux.corp krb5kdc[7687](info): TGS_REQ (4 etypes
{18 17 16 23}) 10.0.6.239: ISSUE: authtime 1391699618, etypes {rep=18
tkt=18 ses=18}, host/rhel6-client.miolinux.corp at MIOLINUX.CORP for
ldap/ipa1.miolinux.corp at MIOLINUX.CORP
*Steve Dainard *
IT Infrastructure Manager
Miovision <http://miovision.com/> | *Rethink Traffic*
519-513-2407 ex.250
877-646-8476 (toll-free)
*Blog <http://miovision.com/blog> | **LinkedIn
<https://www.linkedin.com/company/miovision-technologies> | Twitter
<https://twitter.com/miovision> | Facebook
<https://www.facebook.com/miovision>*
------------------------------
Miovision Technologies Inc. | 148 Manitou Drive, Suite 101, Kitchener, ON,
Canada | N2C 1L3
This e-mail may contain information that is privileged or confidential. If
you are not the intended recipient, please delete the e-mail and any
attachments and notify us immediately.
On Wed, Feb 5, 2014 at 5:30 PM, Steve Dainard <sdainard at miovision.com>wrote:
> I didn't have the firewall on my IPA server down while forming the trust.
> All seems to be working now.
>
> Thanks for your help.
>
> Steve
>
>
>>
>>
>> --
>> / Alexander Bokovoy
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140206/f3cd7602/attachment.htm>
More information about the Freeipa-users
mailing list