Re: [Freeipa-users] Slow logins on FreeIPA 4.1.2 (F21)

Wed, 08 Apr 2015 02:01:40 -0700 

Am 08.04.2015 um 10:27 schrieb Jakub Hrozek:
> Can you run:
>     KRB5_TRACE=/dev/stderr kinit yourprinc@YOUR.REALM
>
> So that we can compare with the krb5_child.log you sent earlier? I
> wonder if SSSD talks to a KDC that is slower or far away from your
> client..
>
This is my trace from kinit:

[2422] 1428482081.62208: AS key obtained for encrypted timestamp:
aes256-cts/61D1
[2422] 1428482081.62288: Encrypted timestamp (for 1428482081.868994):
plain ***, encrypted ***
[2422] 1428482081.62328: Preauth module encrypted_timestamp (2) (real)
returned: 0/Success
[2422] 1428482081.62342: Produced preauth for next request: 133, 2
[2422] 1428482081.62379: Sending request (265 bytes) to MITTELERDE.DE
[2422] 1428482081.62484: Sending initial UDP request to dgram 1.2.3.4:88
[2422] 1428482081.201814: Received answer (740 bytes) from dgram 1.2.3.4:88
[2422] 1428482081.201872: Response was from master KDC
[2422] 1428482081.201905: Processing preauth types: 19
[2422] 1428482081.201914: Selected etype info: etype aes256-cts, salt
"***", params ""
[2422] 1428482081.201920: Produced preauth for next request: (empty)
[2422] 1428482081.201929: AS key determined by preauth: aes256-cts/61D1
[2422] 1428482081.201973: Decrypted AS reply; session key is:
aes256-cts/C464
[2422] 1428482081.201991: FAST negotiation: available
[2422] 1428482081.202014: Initializing KEYRING:persistent:0:0 with
default princ fr...@mittelerde.de
[2422] 1428482081.202058: Removing fr...@mittelerde.de ->
krbtgt/mittelerde...@mittelerde.de from KEYRING:persistent:0:0
[2422] 1428482081.202065: Storing fr...@mittelerde.de ->
krbtgt/mittelerde...@mittelerde.de in KEYRING:persistent:0:0
[2422] 1428482081.202110: Storing config in KEYRING:persistent:0:0 for
krbtgt/mittelerde...@mittelerde.de: fast_avail: yes
[2422] 1428482081.202126: Removing fr...@mittelerde.de ->
krb5_ccache_conf_data/fast_avail/krbtgt\/MITTELERDE.DE\@MITTELERDE.DE@X-CACHECONF:
from KEYRING:persistent:0:0
[2422] 1428482081.202133: Storing fr...@mittelerde.de ->
krb5_ccache_conf_data/fast_avail/krbtgt\/MITTELERDE.DE\@MITTELERDE.DE@X-CACHECONF:
in KEYRING:persistent:0:0
[2422] 1428482081.202166: Storing config in KEYRING:persistent:0:0 for
krbtgt/mittelerde...@mittelerde.de: pa_type: 2
[2422] 1428482081.202177: Removing fr...@mittelerde.de ->
krb5_ccache_conf_data/pa_type/krbtgt\/MITTELERDE.DE\@MITTELERDE.DE@X-CACHECONF:
from
KEYRING:persistent:0:0                                                          
                                                                                
       

[2422] 1428482081.202184: Storing fr...@mittelerde.de ->
krb5_ccache_conf_data/pa_type/krbtgt\/MITTELERDE.DE\@MITTELERDE.DE@X-CACHECONF:
in
KEYRING:persistent:0:0                                                          
                                                                                
          


Most of the host can only communicate in the local net, which has not
that much hosts (10). The wired ones are connected via GBit Network,
wireless it is up to 150MBit. Server is a Xeon E3-1225 with 8GB Mem. All
Systems have Fedora 21 installed

Martin.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to