[Freeipa-users] Servers intermittently losing connection to IPA
Sumit Bose
sbose at redhat.com
Fri Apr 15 07:14:41 UTC 2016
On Thu, Apr 14, 2016 at 09:53:23PM -0400, Jeff Hallyburton wrote:
> We're seeing the following issue with our jump servers in a client
> environment:
>
> One (sometimes both) jump servers will fall back to local logins at regular
> intervals. This seems to happen for a brief period every 10 - 15 minutes.
> Once IPA access is restored the only indication of a problem in the logs is:
>
> Apr 14 18:09:25 jump01 [sssd[krb5_child[24814]]]: Generic error (see
> e-text)
> Apr 14 18:09:25 jump01 [sssd[krb5_child[24814]]]: Generic error (see
> e-text)
>
> (Fri Apr 8 01:06:25 2016) [sssd[be[example.com]]] [krb5_auth_store_creds]
> (0x0010): unsupported PAM command [249].
> (Fri Apr 8 01:06:25 2016) [sssd[be[example.com]]] [krb5_auth_store_creds]
> (0x0010): password not available, offline auth may not work.
at least the messages from krb5_auth_store_creds() are unrelated. I will
write a patch to silence this messages.
I would expect that SSSD switches to offline mode for some reason. If
you run SSSD with debug_level 8 or higher in the [domain/...] section
you should see messages like 'Going offline!' which indicate the
switching into the offline mode. The log lines before should help to
identify the reason.
HTH
bye,
Sumit
>
>
> This doesn't shed much light on what's going on. Do you have any
> suggestions for troubleshooting?
>
> Jeff Hallyburton
> Strategic Systems Engineer
> Bloomip Inc.
> Web: http://www.bloomip.com
>
> Engineering Support: support at bloomip.com
> Billing Support: billing at bloomip.com
> Customer Support Portal: https://my.bloomip.com <http://my.bloomip.com/>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list