Hello,
From time to time we are getting complaints that I can sum up as I cannot
log in to server X
Here is a spinet of the /var/log/sssd/sssd_DOMAIN.log ...
*(Mon Apr 15 09:36:59 2013) [sssd[be[4OVER.COM]]] [be_pam_handler]
(0x0100): Got request with the following data
(Mon Apr 15 09:36:59
Christian Hernandez wrote:
Hello,
From time to time we are getting complaints that I can sum up as I
cannot log in to server X
Here is a spinet of the /var/log/sssd/sssd_DOMAIN.log ...
/(Mon Apr 15 09:36:59 2013) [sssd[be[4OVER.COM http://4OVER.COM]]]
[be_pam_handler] (0x0100): Got request
We are running 1.9.2
Looks like 3.0 is available for my build of CentOS ~ Any suggestions on how
to proceed to updating? Is Multimaster replication sustained during
updating?
Thank you,
Christian Hernandez
1225 Los Angeles Street
Glendale, CA 91204
Phone: 877-782-2737 ext. 4566
Fax:
On Mon, Apr 15, 2013 at 02:29:18PM -0400, Rob Crittenden wrote:
There are some odd errors in ldap_child.log but it seems to cover a
later period than the other logs (not being able to bind using its
keytab is a bad thing).
I think what you'll want to do, and this may be relatively tough, is
Okay,
So I tried to update to the newest version. Update went okay and users can
authenticate (as far as I can tell)...
But I think may be replication broke?
[r...@ipa1.da2.4over.com log]# ipa-replica-manage force-sync --from=
ipa1.gln.4over.com
Invalid password
Any ideas?
Thank you,
On 04/15/2013 08:41 PM, Christian Hernandez wrote:
Yup, looks like replication is broken =\
[r...@ipa1.gln.4over.com mailto:r...@ipa1.gln.4over.com ipa]#
ipa-replica-manage disconnect ipa1.la3.4over.com
http://ipa1.la3.4over.com
Failed to get list of agreements from 'ipa1.la3.4over.com
Yes; I verified that both forward and reverse DNS match on all nodes.
Thank you,
Christian Hernandez
1225 Los Angeles Street
Glendale, CA 91204
Phone: 877-782-2737 ext. 4566
Fax: 818-265-3152
christi...@4over.com mailto:christi...@4over.com
www.4over.com http://www.4over.com
On Mon, Apr 15,
Looks like I've narrowed it down to...something...
[r...@ipa1.la3.4over.com ~]# ipa-replica-manage list ipa1.gln.4over.com
Failed to get data from 'ipa1.gln.4over.com': Invalid credentials
SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context
[r...@ipa1.la3.4over.com ~]#
Christian Hernandez wrote:
Looks like I've narrowed it down to...something...
[r...@ipa1.la3.4over.com mailto:r...@ipa1.la3.4over.com ~]#
ipa-replica-manage list ipa1.gln.4over.com http://ipa1.gln.4over.com
Failed to get data from 'ipa1.gln.4over.com
http://ipa1.gln.4over.com': Invalid