See inline.. On Wed, Jan 31, 2018 at 03:23:57AM -0500, TomK wrote: > On 1/31/2018 3:18 AM, TomK via FreeIPA-users wrote: > My bad, did not include sssd-users earlier. :( > > > Hey All, > > > > I'm wondering if anyone came across this error below. We have two RHEL > > 7.4 servers with SSSD 1.15.2: http-srv01 and http-srv02 > > > > Both connect to the same AD DC host below: addc-srv03.addom.com. > > Verified krb5.conf and sssd.conf both are identical. We can login on > > the http-srv01 and can list all groups for an AD account. > > > > On http-srv02 we cannot login and any group listing from the CLI result > > only in the user's local groups. No AD groups. > > > > Logs give us the output below. Short of adding in the entire log which > > I might not be able to do till the end of the week, what could we look > > at to resolve this? > > > > There's very little available online on this error. The RH solution > > doesn't make sense since the first host connects and authenticates users > > just fine so it's definitely GC enabled. > > > > > -- > Cheers, > Tom K. > ------------------------------------------------------------------------------------- > > Living on earth is expensive, but it includes a free trip around the sun. > > > > samba-libs-4.6.2-12.el7_4.x86_64 > samba-client-libs-4.6.2-12.el7_4.x86_64 > sssd-1.15.2-50.el7_4.6.x86_64 > openldap-2.4.44-5.el7.x86_64 > sssd-ldap-1.15.2-50.el7_4.6.x86_64 > sssd-common-pac-1.15.2-50.el7_4.6.x86_64 > samba-winbind-clients-4.6.2-12.el7_4.x86_64 > samba-common-4.6.2-12.el7_4.noarch > sssd-client-1.15.2-50.el7_4.6.x86_64 > sssd-proxy-1.15.2-50.el7_4.6.x86_64 > samba-winbind-modules-4.6.2-12.el7_4.x86_64 > python-sssdconfig-1.15.2-50.el7_4.6.noarch > sssd-ipa-1.15.2-50.el7_4.6.x86_64 > samba-common-libs-4.6.2-12.el7_4.x86_64 > sssd-krb5-common-1.15.2-50.el7_4.6.x86_64 > samba-winbind-4.6.2-12.el7_4.x86_64 > sssd-krb5-1.15.2-50.el7_4.6.x86_64 > sssd-ad-1.15.2-50.el7_4.6.x86_64 > sssd-common-1.15.2-50.el7_4.6.x86_64 > samba-common-tools-4.6.2-12.el7_4.x86_64 > > > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_dispatch] (0x4000): dbus > conn: 0x55b2e22e8700 > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_dispatch] (0x4000): > Dispatching. > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_message_handler] > (0x2000): Received SBUS method > org.freedesktop.sssd.dataprovider.getAccountInfo on path > /org/freedesktop/sssd/dataprovider > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_get_sender_id_send] > (0x2000): Not a sysbus message, quit > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_get_account_info_handler] > (0x0200): Got request for [0x2][BE_REQ_GROUP][name=unix-admin-group@addom] > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_attach_req] (0x0400): DP > Request [Account #4]: New request. Flags [0x0001]. > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_attach_req] (0x0400): > Number of active DP request: 1 > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sss_domain_get_state] > (0x1000): Domain ADDOM is Active > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sss_domain_get_state] > (0x1000): Domain ADDOM is Active > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sdap_id_op_connect_step] > (0x4000): beginning to connect > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [fo_resolve_service_send] > (0x0100): Trying to resolve service 'AD_GC' > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [get_server_status] (0x1000): > Status of server 'addc-srv03.addom.com' is 'working' > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [get_port_status] (0x1000): > Port status of port 0 for server 'addc-srv03.addom.com' is 'not working'
What debug level are you running with? Is this the first occurence of 'port not working' since sssd started? > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [get_port_status] (0x0080): > SSSD is unable to complete the full connection request, this internal status > does not necessarily indicate network port issues. > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [fo_resolve_service_send] > (0x0020): No available servers for service 'AD_GC' > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [be_resolve_server_done] > (0x1000): Server resolution failed: [5]: Input/output error > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sdap_id_op_connect_done] > (0x0400): Failed to connect to server, but ignore mark offline is enabled. > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sdap_id_op_connect_done] > (0x4000): notify error to op #1: 5 [Input/output error] > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_req_done] (0x0400): DP > Request [Account #4]: Request handler finished [0]: Success > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [_dp_req_recv] (0x0400): DP > Request [Account #4]: Receiving request data. > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_req_reply_list_success] > (0x0400): DP Request [Account #4]: Finished. Success. > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_req_reply_std] (0x1000): DP > Request [Account #4]: Returning [Internal Error]: 3,5,Group lookup failed > (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_table_value_destructor] > (0x0400): Removing [0:1:0x0001:2::ADDOM:name=unix-admin-group@addom] from > reply > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org