[Freeipa-users] No result when trying to integrate a FreeBSD client with the FreeIPA server
Lukas Slebodnik
lslebodn at redhat.com
Tue Oct 14 07:58:33 UTC 2014
On (14/10/14 10:23), Orkhan Gasimov wrote:
>Thanks to both of you for the interest.
>Here`s the info you asked:
>
>1. Putting "debug_level = 7" either in [domain] or/and [nss] section of the
>/usr/local/etc/sssd/sssd.conf file gives nothing in the log. The log file
>located at /var/log/sssd/sssd.log is only populated with data when I make
>some errors in sssd.conf & sssd process fails to start. But that`s the case
>only if I deliberately introduce some errors; with current configuration sssd
>starts successfully.
>
>2. My original sssd.conf (without debugs) is as follows (exact copy of what
>was shown in the post at FreeBSD forums):
>
>-----------------------------------------
>[domain/mydomain.com]
>cache_credentials = True
>krb5_store_password_if_offline = True
>ipa_domain = mydomain.com
>id_provider = ipa
>auth_provider = ipa
>access_provider = ipa
>ipa_hostname = ipa1.mydomain.com
>chpass_provider = ipa
>ipa_server = _srv_ #our FreeIPA server has DNS SRV entries
[resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._tcp.eurosel.az'
...
[resolve_srv_done] (0x0020): SRV query failed: [Domain name not found]
[set_srv_data_status] (0x0100): Marking SRV lookup of service 'IPA' as 'not resolved'
[be_resolve_server_process] (0x0080): Couldn't resolve server (SRV lookup meta-server), resolver returned (5)
DNS discovery of IPA server failed, becuase you just configured few hostnames
in /etc/hosts
You can add IP address or hostname to the option ipa_server
e.g.
ipa_server = _srv_, vm-120.eurosel.az
BTW In my opinion, it is better to have comment before the optiona and not on
the same line :-)
LS
More information about the Freeipa-users
mailing list