[Freeipa-users] User AD can not Login Client Linux
alireza baghery
baghery.jone at gmail.com
Sun Aug 23 13:23:59 UTC 2015
Hi i install Centos 7.1 (IDM Server)
and integrate with Windows SERVER 2008 R2 Trust
USER AD can not Login on client (OLE 6.6) but User create idm can login
name IDM SERVER= ipasrv.l.infotechpsp.net
domain Windows = infotechpsp.net
i execute [ kinit abagheri at infotechpsp.net] on IDM Server
and klist and show keytab abagheri
but execute kvno abagher at INFOTECHPSP.NET
get ERROR kvno Server not found in kerberos database
please help me and thank you
KLIST
================================
Valid starting Expires Service principal
08/23/15 17:09:53 08/24/15 03:11:34 krbtgt/INFOTECHPSP.NET at INFOTECHPSP.NET
renew until 08/24/15 17:09:53
==================================
Tail LOG /var/log/secure
==================================
Aug 23 17:08:19 ussd7 sshd[10280]: Invalid user abagheri at infotechpsp.net
from 172.26.26.34
Aug 23 17:08:19 ussd7 sshd[10281]: input_userauth_request: invalid user
abagheri at infotechpsp.net
Aug 23 17:08:27 ussd7 sshd[10280]: pam_unix(sshd:auth): check pass; user
unknown
Aug 23 17:08:27 ussd7 sshd[10280]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.26.26.34
Aug 23 17:08:28 ussd7 sshd[10280]: pam_succeed_if(sshd:auth): error
retrieving information about user abagheri at infotechpsp.net
Aug 23 17:08:30 ussd7 sshd[10280]: Failed password for invalid user
abagheri at infotechpsp.net from 172.26.26.34 port 63552 ssh2
=====================================
Tail LOG /var/log/sssd/ssd_l.infotechpsp.net debug_level = 6
=====================================
sssd_l.infotechpsp.net
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[be_get_subdomains] (0x0400): Got get subdomains [forced][infotechpsp.net]
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is neutral
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0400): SRV resolution of service 'IPA'. Will use DNS discovery domain '
l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_cont]
(0x0100): Searching for servers via SRV query '_ldap._tcp.l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._
tcp.l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_done]
(0x0400): Inserted server 'ipasrv.l.infotechpsp.net:389' for service IPA
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_srv_data_status] (0x0100): Marking SRV lookup of service 'IPA' as
'resolved'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of '
ipasrv.l.infotechpsp.net' in files
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'resolving name'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record
of 'ipasrv.l.infotechpsp.net' in files
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_next] (0x0200): No more address families to retry
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of '
ipasrv.l.infotechpsp.net' in DNS
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'name resolved'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420165]
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13370] finished successfully.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTTrustedDomain][cn=trusts,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [be_run_online_cb]
(0x0080): Going online. Running callbacks.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaIDRange][cn=ranges,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTDomainAttrs][cn=ad,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[get_subdomains_callback] (0x0400): Backend returned: (0, 0, <NULL>)
[Success]
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_get_account_info] (0x0100): Got request for [4097][1][name=abagheri]
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[delayed_online_authentication_callback] (0x0200): Backend is online,
starting delayed online authentication.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13378] finished successfully.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420166]
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTTrustedDomain][cn=trusts,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaIDRange][cn=ranges,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTDomainAttrs][cn=ad,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420166]
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13387] finished successfully.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420167]
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13390] finished successfully.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,5,User lookup
failed
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[be_get_account_info] (0x0100): Got request for [4097][1][name=abagheri]
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420171]
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13440] finished successfully.
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13463] finished successfully.
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420173]
========================================================
KRB5_TRACE=/dev/stdout kinit abagheri at INFOTECHPSP.NET
=========================================================
[30728] 1440335311.68980: Getting initial credentials for
abagheri at INFOTECHPSP.NET
[30728] 1440335311.69469: Sending request (189 bytes) to INFOTECHPSP.NET
[30728] 1440335311.78681: Resolving hostname mdc2.infotechpsp.net.
[30728] 1440335311.80054: Sending initial UDP request to dgram
10.30.160.10:88
[30728] 1440335311.81614: Received answer from dgram 10.30.160.10:88
[30728] 1440335311.82441: Response was not from master KDC
[30728] 1440335311.82480: Received error from KDC: -1765328359/Additional
pre-authentication required
[30728] 1440335311.82540: Processing preauth types: 16, 15, 19, 2
[30728] 1440335311.82564: Selected etype info: etype aes256-cts, salt
"INFOTECHPSP.NETabagheri", params ""
Password for abagheri at INFOTECHPSP.NET:
[30728] 1440335316.413940: AS key obtained for encrypted timestamp:
aes256-cts/6EB2
[30728] 1440335316.414096: Encrypted timestamp (for 1440335316.413959):
plain 301AA011180F32303135303832333133303833365AA1050203065107, encrypted
C21063B913A873247164036343C8C18198FB7A19A6341F1BD48CBF3CECE5772023954D0F8850CE61309443C53704E259ACBE25CF920CABA4
[30728] 1440335316.414152: Preauth module encrypted_timestamp (2) (flags=1)
returned: 0/Success
[30728] 1440335316.414166: Produced preauth for next request: 2
[30728] 1440335316.414212: Sending request (269 bytes) to INFOTECHPSP.NET
[30728] 1440335316.416361: Resolving hostname mdc2.infotechpsp.net.
[30728] 1440335316.417200: Sending initial UDP request to dgram
10.30.160.10:88
[30728] 1440335316.419693: Received answer from dgram 10.30.160.10:88
[30728] 1440335316.420497: Response was not from master KDC
[30728] 1440335316.420525: Received error from KDC: -1765328332/Response
too big for UDP, retry with TCP
[30728] 1440335316.420541: Request or response is too big for UDP; retrying
with TCP
[30728] 1440335316.420552: Sending request (269 bytes) to INFOTECHPSP.NET
(tcp only)
[30728] 1440335316.421353: Resolving hostname mdc2.infotechpsp.net.
[30728] 1440335316.422129: Initiating TCP connection to stream
10.30.160.10:88
[30728] 1440335316.423915: Sending TCP request to stream 10.30.160.10:88
[30728] 1440335316.425538: Received answer from stream 10.30.160.10:88
[30728] 1440335316.426457: Response was not from master KDC
[30728] 1440335316.426505: Processing preauth types: 19
[30728] 1440335316.426523: Selected etype info: etype aes256-cts, salt
"INFOTECHPSP.NETabagheri", params ""
[30728] 1440335316.426536: Produced preauth for next request: (empty)
[30728] 1440335316.426552: AS key determined by preauth: aes256-cts/6EB2
[30728] 1440335316.426641: Decrypted AS reply; session key is:
aes256-cts/3E32
[30728] 1440335316.426649: FAST negotiation: unavailable
[30728] 1440335316.426691: Initializing FILE:/tmp/krb5cc_0 with default
princ abagheri at INFOTECHPSP.NET
[30728] 1440335316.606035: Removing abagheri at INFOTECHPSP.NET -> krbtgt/
INFOTECHPSP.NET at INFOTECHPSP.NET from FILE:/tmp/krb5cc_0
[30728] 1440335316.606062: Storing abagheri at INFOTECHPSP.NET -> krbtgt/
INFOTECHPSP.NET at INFOTECHPSP.NET in FILE:/tmp/krb5cc_0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150823/f58e69ce/attachment.htm>
More information about the Freeipa-users
mailing list