[Freeipa-users] Unable to set up freeIPA on a fresh ubuntu 16.04.1 install
Petr Spacek
pspacek at redhat.com
Mon Aug 15 09:33:03 UTC 2016
On 15.8.2016 03:29, David Kowis wrote:
> On 08/14/2016 07:57 PM, David Kowis wrote:
>> On 08/14/2016 02:31 PM, David Kowis wrote:
>>> Perhaps someone else has had this error before, or maybe just knows what
>>> I need to do?
>>
>> Digging through the mailing list, I only find this guy:
>> https://www.redhat.com/archives/freeipa-devel/2014-October/msg00480.html
>>
>> Seems someone had the exact same problem I did almost two years ago, and
>> didn't post about their solution, if they got any solution.
>
> Narrowed it down a bit further:
>
>
> Aug 14 20:27:24 freeipavm ipa-dnskeysyncd[31211]: ipa: WARNING: session
> memcached servers not running
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: ipa : INFO
> LDAP bind...
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: Traceback (most recent
> call last):
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File
> "/usr/lib/ipa/ipa-dnskeysyncd", line 92, in <module>
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]:
> ldap_connection.sasl_interactive_bind_s("", ipaldap.SASL_GSSAPI)
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File
> "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 932, in
> sasl_interactive_bind_s
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: res =
> self._apply_method_s(SimpleLDAPObject.sasl_interactive_bind_s,*args,**kwargs)
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File
> "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 900, in
> _apply_method_s
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: return
> func(self,*args,**kwargs)
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File
> "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 244, in
> sasl_interactive_bind_s
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: return
> self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags)
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File
> "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in
> _ldap_call
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: result =
> func(*args,**kwargs)
> Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]:
> ldap.STRONG_AUTH_NOT_SUPPORTED: {'info': 'sasl mechanism not supported',
> 'desc': 'Authentication method not supported'}
> Aug 14 20:27:26 freeipavm systemd[1]: ipa-dnskeysyncd.service: Main
> process exited, code=exited, status=1/FAILURE
> Aug 14 20:27:26 freeipavm systemd[1]: ipa-dnskeysyncd.service: Unit
> entered failed state.
> Aug 14 20:27:26 freeipavm systemd[1]: ipa-dnskeysyncd.service: Failed
> with result 'exit-code'.
>
>
> Seems this service doesn't start with the sasl mechanism not supported.
>
> Does anyone know what's missing, or how I can get further information?
> Is it the LDAP server, or am I missing a sasl lib for python? Maybe a
> configuration file?
This is weird as LDAP SASL & GSSAPI is pretty standard thing.
In any case, you can check server logs or use tcpdump/wireshark and see if the
error somes from LDAP server or if it is client side error.
That would tell us where to focus.
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list