[Freeipa-users] LDAP based autofs map redundancy

Jakub Hrozek jhrozek at redhat.com
Sun Mar 5 20:53:41 UTC 2017


On Sun, Mar 05, 2017 at 02:59:39PM -0500, William Muriithi wrote:
> Jakub,
> 
> >>
> >> It does look, though, like Kerberos is not affected, as all systems can
> >> authenticate fine, so it looks like it's an autofs issue alone.
> >>
> >> This is the error I am noticing in the logs.
> >>
> >> Mar  2 14:18:29 platinum automount[2887]: key "brad" not found in map source(s).
> >> Mar  2 14:19:18 platinum automount[2887]: bind_ldap_simple:
> >> lookup(ldap): Unable to bind to the LDAP server: (default), error
> >> Can't contact LDAP server
> >> Mar  2 14:19:21 platinum automount[2887]: bind_ldap_simple:
> >> lookup(ldap): Unable to bind to the LDAP server: (default), error
> >> Can't contact LDAP server
> >
> > I guess /etc/nsswitch.conf uses ldap for automount and not sssd?
> >
> Actually no.  We are using SSSD
> 
> Just checked to confirm and looks like below:
> 
> services:   files sss
> netgroup:   files sss
> publickey:  nisplus
> automount: sss files
> aliases:    files nisplus
> sudoers: files sss

Then I suspect automounter used to use the ldap module and then was
not restarted after nsswitch.conf was set to include sss, because the
log lines include error messages directly from libldap and I
wouldn't expect to see those with sssd.
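
Added example, not part of the original message: a shell check for the mismatch described above, where nsswitch.conf lists sss for automount but the daemon's log lines still come from lookup(ldap). The function names and the sample files are constructed for illustration; the log format is modelled on the excerpts quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the original thread): detect an automount daemon that
# still uses the LDAP lookup module after nsswitch.conf was switched to sss.

# Print the sources listed on the "automount:" line of an nsswitch.conf file.
automount_sources() {
    awk '$1 == "automount:" { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# Print the PIDs of automount processes that logged lookup(ldap) messages.
ldap_lookup_pids() {
    sed -n 's/.*automount\[\([0-9][0-9]*\)]:.*lookup(ldap).*/\1/p' "$1" | sort -u
}

# Exit status 0 and a "stale" line when the config says sss (and not ldap) but
# the log shows the ldap module in use; status 1 otherwise.
check_stale_automount() {
    sources=$(automount_sources "$1")
    pids=$(ldap_lookup_pids "$2" | tr '\n' ' ')
    case " $sources " in
        *" ldap "*) echo "ok: ldap is a configured automount source"; return 1 ;;
        *" sss "*)  ;;
        *)          echo "ok: sss is not configured for automount"; return 1 ;;
    esac
    [ -n "$pids" ] || { echo "ok: no lookup(ldap) messages in log"; return 1; }
    echo "stale: pid(s) ${pids% } log lookup(ldap); nsswitch.conf has: $sources"
}

# Constructed sample input modelled on the excerpts quoted in the thread.
write_sample() {
    printf '%s\n' 'services:   files sss' 'automount: sss files' \
        'sudoers: files sss' > "$1/nsswitch.conf"
    printf '%s\n' \
        'Mar  2 14:18:29 platinum automount[2887]: key "brad" not found in map source(s).' \
        "Mar  2 14:19:18 platinum automount[2887]: bind_ldap_simple: lookup(ldap): Unable to bind to the LDAP server: (default), error Can't contact LDAP server" \
        "Mar  2 14:19:21 platinum automount[2887]: bind_ldap_simple: lookup(ldap): Unable to bind to the LDAP server: (default), error Can't contact LDAP server" \
        > "$1/messages"
}

sample_dir=$(mktemp -d)
write_sample "$sample_dir"
check_stale_automount "$sample_dir/nsswitch.conf" "$sample_dir/messages" || true
```

On a real host, pass /etc/nsswitch.conf and whichever syslog file receives the automount messages; that path varies by distribution.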



