[Freeipa-users] No result when trying to integrate a FreeBSD client with the FreeIPA server
Alexander Bokovoy
abokovoy at redhat.com
Tue Oct 14 07:50:34 UTC 2014
On Tue, 14 Oct 2014, Orkhan Gasimov wrote:
>With help from Alexander Bokovoy I found correct log destinations:
>
>sssd-domain-log:https://cloud.mail.ru/public/1e803a00989e%2Fsssd_eurosel.az.log
>sssd-nss-log:https://cloud.mail.ru/public/ae41ae3b44b6%2Fsssd_nss.log
>
>These files are from my second Fedora - FreeBSD setup, they have
>different domain name, but everything else is identical.
>
>Interestingly enough, there are lines in sssd_nss.log telling that there
>are no users or groups in the domain. But as I said, I can ssh to the
>IPA server as an IPA user.
You have basic problem of DNS resolution at the FreeBSD client side:
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [resolve_srv_done]
(0x0020): SRV query failed: [Domain name not found]
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [fo_set_port_status]
(0x0100): Marking port 0 of server '(no name)' as 'not working'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [set_srv_data_status]
(0x0100): Marking SRV lookup of service 'IPA' as 'not resolved'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[be_resolve_server_process] (0x0080): Couldn't resolve server (SRV
lookup meta-server), resolver returned (5)
...
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [fo_set_port_status]
(0x0100): Marking port 0 of server '(no name)' as 'not working'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [set_srv_data_status]
(0x0100): Marking SRV lookup of service 'IPA' as 'not resolved'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[be_resolve_server_process] (0x0080): Couldn't resolve server (SRV
lookup meta-server), resolver returned (5)
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[be_resolve_server_process] (0x1000): Trying with the next one!
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [get_port_status]
(0x1000): Port status of port 0 for server '(no name)' is 'not working'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[fo_resolve_service_send] (0x0020): No available servers for service
'IPA'
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[be_resolve_server_done] (0x1000): Server resolution failed: 5
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]]
[sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5
[Input/output error])
(Tue Oct 14 12:09:04 2014) [sssd[be[eurosel.az]]] [be_run_offline_cb]
(0x0080): Going offline. Running callbacks.
Make sure your DNS infrastructure is actually working. Run following on
FreeBSD side:
dig SRV _ldap._tcp.eurosel.az
dig SRV _kerberos._tcp.eurosel.az
and fix either your resolver or DNS server to properly resolve SRV
records for IPA domain (assuming eurosel.az is your IPA domain).
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list