[Freeipa-users] AD trust showing offline after reboot

Sumit Bose sbose at redhat.com
Fri May 16 13:44:08 UTC 2014 

On Fri, May 16, 2014 at 04:29:33PM +0530, Supratik Goswami wrote:
> Yes DNS is working fine and is able to return the IP address of the AD
> server.
> 
> [root at master samba]# dig SRV _ldap._tcp.ad.idm.example.com
> 
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> SRV _ldap._
> tcp.ad.idm.example.com
> ;; global options: +cmd
>  ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29147
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; QUESTION SECTION:
> ;_ldap._tcp.ad.idm.example.com. IN SRV
> 
> ;; ANSWER SECTION:
> _ldap._tcp.ad.idm.example.com. 600 IN SRV 0 100 389
> master.ad.idm.example.com.
> 
> ;; ADDITIONAL SECTION:
> master.ad.idm.example.com. 3600 IN A 10.255.0.4
> 
> ;; Query time: 1 msec
> ;; SERVER: 10.255.0.4#53(10.255.0.4)
> ;; WHEN: Fri May 16 10:46:23 2014
> ;; MSG SIZE  rcvd: 106
> 
> 
> 
> In my case AD is the netbios name of the AD domain. Please find the log
> message from the file log.wb-AD.
> 
> 

...

> [2014/05/16 10:50:37.542420,  5, pid=3305, effective(0, 0), real(0, 0)]
> [2014/05/16 10:50:44.451669,  3, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/util_sock.c:585(open_socket_out_send)
>   Connecting to 10.255.0.4 at port 445
> [2014/05/16 10:50:44.452793,  3, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/clidgram.c:333(nbt_getdc_send)
>   No nmbd found
> [2014/05/16 10:50:44.452930, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/namequery.c:916(name_status_find)
>   name_status_find: looking up AD#1c at 10.255.0.4
> [2014/05/16 10:50:44.453044,  5, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/namecache.c:299(namecache_status_fetch)
>   namecache_status_fetch: no entry for NBT/AD#1C.20.10.255.0.4 found.
> [2014/05/16 10:50:44.453279, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/util_sock.c:499(open_socket_in)
>   bind succeeded on port 0
> [2014/05/16 10:50:44.453449, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/unexpected.c:546(nb_packet_reader_connected)
>   async_connect failed: No such file or directory
> [2014/05/16 10:50:44.453564, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/namequery.c:600(nb_trans_got_reader)
>   nmbd not around
> [2014/05/16 10:50:45.454766, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:46.456103, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:47.457451, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:48.458773, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:49.460093, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:50.461420, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:51.462723, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:52.464265, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:53.465546, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750470
> [2014/05/16 10:50:54.455168, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/lib/events.c:216(run_events_poll)
>   Running timed event "tevent_req_timedout" 0x1750590
> [2014/05/16 10:50:54.455385, 10, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/namequery.c:962(name_status_find)
>   name_status_find: name not found
> [2014/05/16 10:50:54.455497, 10, pid=3305, effective(0, 0), real(0, 0),
> class=tdb] ../source3/lib/gencache.c:179(gencache_set_data_blob)
>   Adding cache entry with key = NEG_CONN_CACHE/AD,10.255.0.4 and timeout =
> Fri May 16 10:51:54 2014
>    (60 seconds ahead)
> [2014/05/16 10:50:54.455739,  9, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/conncache.c:189(add_failed_connection_entry)
>   add_failed_connection_entry: added domain AD (10.255.0.4) to failed conn
> cache

> class=tdb] ../source3/lib/gencache.c:246(gencache_del)
>   Deleting cache entry (key = SAFJOIN/DOMAIN/AD)
> [2014/05/16 10:50:54.455967, 10, pid=3305, effective(0, 0), real(0, 0),
> class=tdb] ../source3/lib/gencache.c:246(gencache_del)
>   Deleting cache entry (key = SAF/DOMAIN/AD)
> [2014/05/16 10:50:54.456078, 10, pid=3305, effective(0, 0), real(0, 0),
> class=tdb] ../source3/lib/gencache.c:179(gencache_set_data_blob)
>   Adding cache entry with key = NEG_CONN_CACHE/ad.idm.example.com,10.255.0.4
> and timeout = Fri May 16 10:51:54 2014
>    (60 seconds ahead)
> [2014/05/16 10:50:54.456236,  9, pid=3305, effective(0, 0), real(0, 0)]
> ../source3/libsmb/conncache.c:189(add_failed_connection_entry)
>   add_failed_connection_entry: added domain ad.idm.example.com (10.255.0.4)
> to failed conn cache
> [2014/05/16 10:50:54.456330, 10, pid=3305, effective(0, 0), real(0, 0),
> class=tdb] ../source3/lib/gencache.c:246(gencache_del)

looks like the connection to 10.255.0.4 timed out after 10 seconds. Is
there a firewall which might drop the packets?

bye,
Sumit

More information about the Freeipa-users mailing list