[Freeipa-users] installation of ipa-server successful but sssd fails..

[lejeczek]

he everybody,
my first tampering with install gets me:

Feb 24 11:04:22 my.host.fake sssd[be[host.fake]][17425]: 
Starting up
Feb 24 11:04:22 my.host.fake sssd[be[host.fake]][17425]: 
Failed to read keytab [default]: Bad address
Feb 24 11:04:22 my.host.fake sssd[17406]: Exiting the SSSD. 
Could not restart critical service [host.fake].
Feb 24 11:04:22 my.host.fake systemd[1]: sssd.service: 
control process exited, code=exited status=1
Feb 24 11:04:22 my.host.fake systemd[1]: Failed to start 
System Security Services Daemon.
Feb 24 11:04:22 my.host.fake systemd[1]: Unit sssd.service 
entered failed state.
Feb 24 11:04:22 my.host.fake systemd[1]: sssd.service failed.

And just after install process finishes I try:
$ kinit admin
kinit: Improper format of Kerberos configuration file while 
initializing Kerberos 5 library

here is keytab server installer created/amended: (one thing 
that I'm not sure is the fact that my new "host.fake" domain 
is different from my previously existing ldap search
"dc=xxx,dc=zzzzzzzz" - if it matters at all? Otherwise I 
have no clue.

[domain/host.fake]

cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = host.fake
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = my.host.fake
chpass_provider = ipa
ipa_server = my.host.fake
ipa_server_mode = True
ldap_tls_cacert = /etc/ipa/ca.crt
[domain/default]
autofs_provider = ldap
cache_credentials = True
krb5_realm = #
ldap_search_base = dc=xxx,dc=zzzzzzzz
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://my.host.fake:1389/
ldap_id_use_start_tls = True
ldap_tls_cacertdir = /etc/openldap/cacerts

krb5_server = my.host.fake:88
[sssd]
services = nss, sudo, pam, autofs, ssh
config_file_version = 2

domains = host.fake

[nss]
memcache_timeout = 600
homedir_substring = /home


regards.