[Freeipa-users] CRON: Authentication service cannot retrieve authentication info
Dmitri Pal
dpal at redhat.com
Mon Apr 13 21:34:17 UTC 2015
On 04/13/2015 08:23 AM, Thomas Lau wrote:
>
> Hi,
>
> These problem appear randomly, sometime it still work even under heavy
> packet loss, some times would be like this. So its hard to catch.
>
> On Apr 13, 2015 3:22 PM, "Jakub Hrozek" <jhrozek at redhat.com
> <mailto:jhrozek at redhat.com>> wrote:
>
> On Mon, Apr 13, 2015 at 01:15:09PM +0800, Thomas Lau wrote:
> > Hi all,
> >
> > We have cronjob which running on a FreeIPA LDAP user; When
> connection
> > between IPA server and client having heavy packet loss, following
> > error would occur:
> >
> > CRON[20637]: Authentication service cannot retrieve
> authentication info
> >
> > I have cache credentials and store password if offline enabled on
> > sssd, how these problem would still happening?
>
It might be that the cause of the problem is actually the packet loss or
some kind of delay.
SSSD might not think that it is offline but cron job itself times out
and reports failure.
Do you know what operation in the job fails?
> >
> >
> > sssd.conf:
> >
> > cache_credentials = True
> > krb5_store_password_if_offline = True
>
> Did the use log in at least once offline? You can verify if the
> password
> has been cached using the ldbsearch utility. It would be best to catch
> the occurence of the problem in logs.
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
>
>
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150413/e338c878/attachment.htm>
More information about the Freeipa-users
mailing list