[Freeipa-users] Client Auth Failing - Ubuntu 15.10
Jester 2.0
jester2.0 at gmail.com
Tue Feb 23 21:16:48 UTC 2016
The "KRB5_TRACE=/dev/stderr kinit jon" command helped out immensely by
pointing out that it was failing on dir1, but not dir0.
Turns out it was a DNS issue on my second directory server was breaking
replication.
Thank you for the assistance.
On Tue, Feb 23, 2016 at 3:42 PM, Jakub Hrozek <jhrozek at redhat.com> wrote:
> On Tue, Feb 23, 2016 at 03:33:31PM -0500, Jester wrote:
> > Made no changes to the system between posting. Only tried a couple of
> > kinits to generate some logs.
> >
> > Set sssd debug to 9, restarted, did a few kinits.
>
> kinit doesn't hit sssd, but goes directly to the KDC.
>
> >
> > root at nuc0:/var/log/sssd# service sssd start
> > root at nuc0:/var/log/sssd# kinit admin
> > Password for admin at MRJESTER.NET:
> > root at nuc0:/var/log/sssd# kinit jon
> > kinit: Client 'jon at MRJESTER.NET' not found in Kerberos database while
>
> Again, if you're sure the principal 'jon' exists on the server, then I
> would suggest to try:
> KRB5_TRACE=/dev/stderr kinit jon
> and see if you talk to the KDC you expect.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160223/58148584/attachment.htm>
More information about the Freeipa-users
mailing list