[Freeipa-users] Server error with multiple clients joining domain simultaneously

Petr Spacek pspacek at redhat.com
Fri Jan 29 11:35:41 UTC 2016 

Interesting, we have to investigate it!

Here is a ticket:
https://fedorahosted.org/freeipa/ticket/5653

You can Cc yourself to it and watch the progress.

Petr^2 Spacek

On 28.1.2016 20:17, David Zabner wrote:
> I was guessing that it was a problem with mod_auth_gssapi and so I tried switching the auth method back to mod_auth_kerb which did not work. (although it is entirely possible that I did not switch it correctly)
> 
> I did it by changing the gssapi settings in /etc/httpd/conf.d/ipa.conf to:
> <Location "/ipa">
>   AuthType Kerberos
>   AuthName "Kerberos Login"
>   KrbMethodNegotiate on
>   KrbMethodK5Passwd off
>   KrbServiceName HTTP
>   KrbAuthRealms $realm
>   Krb5KeyTab /etc/httpd/conf/ipa.keytab
>   KrbSaveCredentials on
>   KrbConstrainedDelegation on
>   Require valid-user
>   ErrorDocument 401 /ipa/errors/unauthorized.html
> </Location>
> It just seemed to cause other problems...
> 
> On Jan 28, 2016, at 1:44 PM, Izzo, Anthony <aizzo01 at harris.com<mailto:aizzo01 at harris.com>> wrote:
> 
> I should add that some of my team members have tried serializing their instance launches, and this problem does not seem to occur under those circumstances.  (That’s not a solution, just a data point for those interested in this behavior).  Thanks.
> 
> 
> From: Izzo, Anthony (U.S. Person)
> Sent: Thursday, January 28, 2016 1:35 PM
> To: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
> Cc: 'David Zabner' <david at cazena.com<mailto:david at cazena.com>>
> Subject: RE: [Freeipa-users] Server error with multiple clients joining domain simultaneously
> 
> Yes, that’s it!
> 
> From: David Zabner [mailto:david at cazena.com]
> Sent: Thursday, January 28, 2016 1:31 PM
> To: Izzo, Anthony (U.S. Person) <aizzo01 at harris.com<mailto:aizzo01 at harris.com>>
> Cc: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
> Subject: Re: [Freeipa-users] Server error with multiple clients joining domain simultaneously
> 
> This sounds exactly like the problem I am having. I will attach my error log. Is this what yours looks like?
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
> 
> 
> 


-- 
Petr^2 Spacek

More information about the Freeipa-users mailing list