brilliant! I checked /var/log/messages and found;
Nov 30 10:33:58 chtvm-centos-6 sssd[be[teratext.saic.com.au]]: Starting up Nov 30 10:33:58 chtvm-centos-6 kernel: sssd_be[1516]: segfault at 10 ip 0000003a12a13eee sp 00007fffdb5e3b60 error 4 in libldap-2.4.so.2.5.2[3a12a00000+43000] Nov 30 10:33:58 chtvm-centos-6 kernel: abrt-hook-ccpp[1598]: segfault at 0 ip 00000039fea800d2 sp 00007fff4a1fc5f8 error 4 in libc-2.12.so[39fea00000+175000] Nov 30 10:33:58 chtvm-centos-6 kernel: Process 1598(abrt-hook-ccpp) has RLIMIT_CORE set to 1 Nov 30 10:33:58 chtvm-centos-6 kernel: Aborting core I then upgraded openldap to openldap-2.4.23-19.el6.x86_64 and now the ipa-client-install script works perfectly ;) Regards, Craig On Wed, Nov 30, 2011 at 12:39:38PM +0100, Jakub Hrozek wrote: > On Tue, Nov 29, 2011 at 09:43:55PM -0500, Rob Crittenden wrote: > > Craig T wrote: > > >Hi, > > > > > >I tried letting the client install go and it does eventually finish, > > >however SSSD_NSS queries don't work. > > >See errors below; > > > > > >---------------------------------------------------------------------- > > >[root@chtvm-centos-6 /]# ipa-client-install > > >Discovery was successful! > > >Hostname: chtvm-centos-6.example.com > > >Realm: example.com > > >DNS Domain: example.com > > >IPA Server: chtvm-389.example.com > > >BaseDN: dc=example,dc=com > > > > > >Continue to configure the system with these values? [no]: yes > > >User authorized to enroll computers: admin > > >Password for ad...@example.com: > > > > > >Enrolled in IPA realm example.com > > >Created /etc/ipa/default.conf > > >Configured /etc/sssd/sssd.conf > > >Configured /etc/krb5.conf for IPA realm example.com > > >SSSD enabled > > >Kerberos 5 enabled > > >Unable to find 'admin' user with 'getent passwd admin'! > > >Recognized configuration: SSSD > > >NTP enabled > > >Client configuration complete. > > > > > >------------------------------------------------------------------------------------------------------------------------- > > >File: /var/log/sssd/sssd_nss.log > > >(Wed Nov 30 10:34:16 2011) [sssd[nss]] [nss_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >(Wed Nov 30 10:34:46 2011) [sssd[nss]] [nss_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >(Wed Nov 30 10:35:16 2011) [sssd[nss]] [nss_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >(Wed Nov 30 10:35:46 2011) [sssd[nss]] [nss_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >------------------------------------------------------------------------------------------------------------------------- > > >File: /var/log/sssd/sssd_pam.log > > >(Wed Nov 30 10:34:16 2011) [sssd[pam]] [pam_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >(Wed Nov 30 10:34:46 2011) [sssd[pam]] [pam_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >(Wed Nov 30 10:35:16 2011) [sssd[pam]] [pam_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >(Wed Nov 30 10:35:46 2011) [sssd[pam]] [pam_dp_reconnect_init] (0): Could > > >not reconnect to example.com provider. > > >------------------------------------------------------------------------------------------------------------------------- > > Also the {nss,pam}_dp_reconnect_init functions are only called when the > back end crashes and the other processes are reconnecting to a new back > end instance. > > Can you check logs (/var/log/messages should have the info) if there are > any messages indicating a crash? > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users