[Freeipa-users] Kerberos hanging
Rob Crittenden
rcritten at redhat.com
Wed Mar 1 15:06:16 UTC 2017
Terry John wrote:
> I have a problem using freeipa version 3.0.0-50 on CentOS release 6.8. The problem manifests itself as no authentication, and no DNS.
>
> It seems Kerberos just stops responding to requests and requests just get queued up
> # netstat -tuna | grep SYN_RECV
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> tcp 0 0 <server IP>:88 <client1 IP>:55440 SYN_RECV
> tcp 0 0 <server IP>:88 <client 2 IP>:40076 SYN_RECV
> tcp 0 0 <server IP>:88 <Client 3 IP>:41525 SYN_RECV
> tcp 0 0 <server IP>:88 <Client4 IP>:53958 SYN_RECV
> tcp 0 0 <server IP>:88 <Client5 IP>:54240 SYN_RECV
>
> Looking at /var/log/krb5kdc.log
> The normal activity of AS_REQ and TGS_REC messages just stops. No error messages. Just no new messages.
The problem isn't in Kerberos or DNS, ns-slapd is hanging. See this,
http://directory.fedoraproject.org/docs/389ds/FAQ/faq.html#debugging-hangs
rob
More information about the Freeipa-users
mailing list