[Freeipa-users] Possible trust issues
Sumit Bose
sbose at redhat.com
Tue Nov 11 08:26:27 UTC 2014
On Tue, Nov 11, 2014 at 07:52:22AM +0200, Alexander Bokovoy wrote:
> On Mon, 10 Nov 2014, William Muriithi wrote:
> >less /var/log/sssd/sssd_example.loc.log
> >
> >(Mon Nov 10 15:58:21 2014) [sssd[be[example.loc]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'ipa3-yyz-int.example.loc' as 'working'
> >(Mon Nov 10 15:58:21 2014) [sssd[be[example.loc]]] [set_server_common_status] (0x0100): Marking server 'ipa3-yyz-int.example.loc' as 'working'
> >(Mon Nov 10 16:01:44 2014) [sssd[be[example.loc]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=wmuriithi]
> >(Mon Nov 10 16:01:44 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
> >(Mon Nov 10 16:01:44 2014) [sssd[be[example.loc]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,1432158221,Account info lookup failed
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=wmuriithi]
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,1432158221,Account info lookup failed
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=wmuriithi]
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,1432158221,Account info lookup failed
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=wmuriithi]
> >(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
> >
> >Does this mean I have to recreate the trust relationship? I didn't get
> >any error when I set up the trust last week and uncertain recreating
> >the trust would help. Would highly appreciate any pointers on what
> >would be best way forward.
> 's2n exop request failed' above tells that communication to IPA master
> didn't succeed in looking up AD users and groups. You need to enable
> debug in sssd on IPA master and provide logs from there.
Can you resolve the user on the IPA master? Does ssh work in the IPA
master?
bye,
Sumit
>
> --
> / Alexander Bokovoy
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go To http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list