[Freeipa-users] freeipa cert validation failed, SEC_ERROR_UNTRUSTED_ISSUER
Alexander Bokovoy
abokovoy at redhat.com
Wed Sep 9 14:01:46 UTC 2015
On Wed, 09 Sep 2015, Morgan Marodin wrote:
>Hi Alexander.
>
>Ok, after enabling debugging I have these logs:
>-------------------------------------------------------------------
>==> /var/log/httpd/error_log <==
>INFO: Current debug levels:
> all: 100
> tdb: 100
> printdrivers: 100
> lanman: 100
> smb: 100
> rpc_parse: 100
> rpc_srv: 100
> rpc_cli: 100
> passdb: 100
> sam: 100
> auth: 100
> winbind: 100
> vfs: 100
> idmap: 100
> quota: 100
> acls: 100
> locking: 100
> msdfs: 100
> dmapi: 100
> registry: 100
> scavenger: 100
> dns: 100
> ldb: 100
>pm_process() returned Yes
>GENSEC backend 'gssapi_spnego' registered
>GENSEC backend 'gssapi_krb5' registered
>GENSEC backend 'gssapi_krb5_sasl' registered
>GENSEC backend 'sasl-DIGEST-MD5' registered
>GENSEC backend 'spnego' registered
>GENSEC backend 'schannel' registered
>GENSEC backend 'sasl-EXTERNAL' registered
>GENSEC backend 'ntlmssp' registered
>Using binding ncacn_np:srv01.ipa.mydomain.com[,]
>s4_tevent: Added timed event "dcerpc_connect_timeout_handler":
>0x7f8a3c224990
>s4_tevent: Added timed event "composite_trigger": 0x7f8a3c042170
>s4_tevent: Added timed event "composite_trigger": 0x7f8a3c25b4a0
>s4_tevent: Running timer event 0x7f8a3c042170 "composite_trigger"
>s4_tevent: Destroying timer event 0x7f8a3c25b4a0 "composite_trigger"
>Mapped to DCERPC endpoint \pipe\lsarpc
>added interface eth0 ip=192.168.0.65 bcast=192.168.0.255
>netmask=255.255.255.0
>added interface eth0 ip=192.168.0.65 bcast=192.168.0.255
>netmask=255.255.255.0
Do you have IPv6 stack enabled?
>[2015/09/09 08:45:05.032211, 50, pid=11196, effective(0, 0), real(0, 0)]
>../lib/util/tevent_debug.c:63(samba_tevent_debug)
> s3_tevent: Schedule immediate event "tevent_req_trigger": 0x7f7118a92cf0
>[2015/09/09 08:45:05.032282, 50, pid=11196, effective(0, 0), real(0, 0)]
>../lib/util/tevent_debug.c:63(samba_tevent_debug)
> s3_tevent: Run immediate event "tevent_req_trigger": 0x7f7118a92cf0
>[2015/09/09 08:45:05.032353, 4, pid=11196, effective(217400000,
>217400000), real(217400000, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
> pop_sec_ctx (217400000, 217400000) - sec_ctx_stack_ndx = 0
>[2015/09/09 08:45:05.032421, 2, pid=11196, effective(217400000,
>217400000), real(217400000, 0), class=rpc_srv]
>../source3/rpc_server/rpc_ncacn_np.c:630(make_external_rpc_pipe_p)
> tstream_npa_connect_recv to /run/samba/ncalrpc/np for pipe lsarpc and
>user IPA\admin failed: No such file or directory
I'm particularly worrying about his one -- /run/samba/ncalrpc/np pipe
has to be there.
Can you explain what is your setup in detail?
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list