Dear Rob, Thanks for the fast reply, I think there's something really wrong with the hostname that's configured for the box (that'll teach me for using Ansible), and it's trying to auth locally when it's not running yet.
krb5kdc.log Nov 01 18:18:59 ipa-a.in.bmrc.ox.ac.uk krb5kdc[11212](info): AS_REQ (8 etypes {18 17 20 19 16 23 25 26}) 192.168.1.144: CLIENT_NOT_FOUND: host/ipa-b.cloud.in.bmrc.ox.ac...@in.bmrc.ox.ac.uk<mailto:host/ipa-b.cloud.in.bmrc.ox.ac...@in.bmrc.ox.ac.uk> for krbtgt/in.bmrc.ox.ac...@in.bmrc.ox.ac.uk<mailto:krbtgt/in.bmrc.ox.ac...@in.bmrc.ox.ac.uk>, Client not found in Kerberos database Nov 01 18:18:59 ipa-a.in.bmrc.ox.ac.uk krb5kdc[11212](info): closing down fd 11 Nov 01 18:18:59 ipa-a.in.bmrc.ox.ac.uk krb5kdc[11212](info): AS_REQ (8 etypes {18 17 20 19 16 23 25 26}) 10.141.248.2: CLIENT_NOT_FOUND: host/ipa-b.cloud.in.bmrc.ox.ac...@in.bmrc.ox.ac.uk<mailto:host/ipa-b.cloud.in.bmrc.ox.ac...@in.bmrc.ox.ac.uk> for krbtgt/in.bmrc.ox.ac...@in.bmrc.ox.ac.uk<mailto:krbtgt/in.bmrc.ox.ac...@in.bmrc.ox.ac.uk>, Client not found in Kerberos database (ipa-b.cloud.in.bmrc... doesnt exist and shouldn't - so there's a problem there too). slapd/access [01/Nov/2018:19:46:33.586518662 +0000] conn=1 fd=64 slot=64 connection from ::1 to ::1 [01/Nov/2018:19:46:33.587225369 +0000] conn=2 fd=65 slot=65 connection from 127.0.0.1 to 127.0.0.1 [01/Nov/2018:19:46:33.587501315 +0000] conn=1 op=-1 fd=64 closed - B1 [01/Nov/2018:19:46:33.592352645 +0000] conn=2 op=-1 fd=65 closed - B1 [01/Nov/2018:19:46:33.593372333 +0000] conn=3 fd=64 slot=64 connection from ::1 to ::1 [01/Nov/2018:19:46:33.593766162 +0000] conn=4 fd=65 slot=65 connection from 127.0.0.1 to 127.0.0.1 [01/Nov/2018:19:46:33.593898023 +0000] conn=3 op=-1 fd=64 closed - B1 [01/Nov/2018:19:46:33.599951489 +0000] conn=5 fd=66 slot=66 connection from ::1 to ::1 [01/Nov/2018:19:46:33.600104933 +0000] conn=4 op=-1 fd=65 closed - B1 [01/Nov/2018:19:46:33.603688533 +0000] conn=5 op=-1 fd=66 closed error 125 (Operation canceled) - A1 Regards, Callum -- Callum Smith Research Computing Core Wellcome Trust Centre for Human Genetics University of Oxford e. cal...@well.ox.ac.uk<mailto:cal...@well.ox.ac.uk> On 1 Nov 2018, at 19:11, Rob Crittenden <rcrit...@redhat.com<mailto:rcrit...@redhat.com>> wrote: /var/log/dirsrv/slapd-REALM/access
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org