search for: fo_set_port_status

...bind mech: gssapi, user: DC1$ [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)] [fo_set_port_status] (0x0100): Marking port 389 of server 'dc1.domain.tld' as 'not working' However, it's perfectly happy when the query resolves to DC2: [be_resolve_server_process] (0x0200): Found address for server dc2.domain.tld: [1.2.3.5] TTL 900 [ldap_child_get_tgt_sync] (0x0100): Principal...

...bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error] >> [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): >> generic failure: GSSAPI Error: Unspecified GSS failure. Minor code >> may provide more information (Server not found in Kerberos database)] >> [fo_set_port_status] (0x0100): Marking port 389 of server >> 'dc1.domain.tld' as 'not working' >> >> However, it's perfectly happy when the query resolves to DC2: >> >> [be_resolve_server_process] (0x0200): Found address for server >> dc2.domain.tld: [1.2.3.5] TT...

...:22:13 2016) [sssd[be[xxx.xxx]]] [simple_bind_done] (5): Server returned no controls. (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [simple_bind_done] (3): Bind result: Strong(er) authentication required(8), BindSimple: Transport encryption required. (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [fo_set_port_status] (4): Marking port 389 of server 'xxxxx' as 'not working' ri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [sdap_id_op_connect_done] (1): Failed to connect, going offline (5 [Input/output error]) (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [be_run_offline_cb] (3): Going offline. Runn...

...] > > (5): Server returned no controls. > > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [simple_bind_done] > > (3): Bind result: Strong(er) authentication required(8), > > BindSimple: Transport encryption required. > > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [fo_set_port_status] > > (4): Marking port 389 of server 'xxxxx' as 'not working' > > ri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] > > [sdap_id_op_connect_done] (1): Failed to connect, going offline (5 > > [Input/output error]) (Fri Sep 2 18:22:13 2016) > > [sssd[be[xxx.x...

...DC1$ > [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error] > [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): > generic failure: GSSAPI Error: Unspecified GSS failure. Minor code > may provide more information (Server not found in Kerberos database)] > [fo_set_port_status] (0x0100): Marking port 389 of server > 'dc1.domain.tld' as 'not working' > > However, it's perfectly happy when the query resolves to DC2: > > [be_resolve_server_process] (0x0200): Found address for server > dc2.domain.tld: [1.2.3.5] TTL 900 > [ldap_child_g...

...rned no controls. >>>> (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [simple_bind_done] >>>> (3): Bind result: Strong(er) authentication required(8), >>>> BindSimple: Transport encryption required. >>>> (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [fo_set_port_status] >>>> (4): Marking port 389 of server 'xxxxx' as 'not working' >>>> ri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] >>>> [sdap_id_op_connect_done] (1): Failed to connect, going offline (5 >>>> [Input/output error]) (Fri Sep 2 18:22:13 20...

...nformation (Server not found in Kerberos database)] It turns out that the reverse DNS entry for DC1 led to DC1.my-pre-AD-dns-domain.tld, rather than DC1.domain.tld. This had been working perfectly for everything else - but evidently kerberos is a little pickier. I now have sssd working, I think: [fo_set_port_status] (0x0100): Marking port 389 of server 'dc1.domain.tld' as 'working' [set_server_common_status] (0x0100): Marking server 'dc1.domain.tld' as 'working' I used the following commands to test the GSSAPI element (easier than reloading sssd and wading through logs): Fail...

....xxx]]] [simple_bind_done] (5): > Server returned no controls. > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [simple_bind_done] (3): Bind > result: Strong(er) authentication required(8), BindSimple: Transport > encryption required. > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [fo_set_port_status] (4): > Marking port 389 of server 'xxxxx' as 'not working' > ri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [sdap_id_op_connect_done] (1): > Failed to connect, going offline (5 [Input/output error]) > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [be_run_offline_cb] (3):...

...ver returned no controls. > > > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [simple_bind_done] > > > (3): Bind result: Strong(er) authentication required(8), > > > BindSimple: Transport encryption required. > > > (Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [fo_set_port_status] > > > (4): Marking port 389 of server 'xxxxx' as 'not working' > > > ri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] > > > [sdap_id_op_connect_done] (1): Failed to connect, going offline (5 > > > [Input/output error]) (Fri Sep 2 18:22:13 2016) >...

...o [4] (Thu Jul 19 23:40:44 2018) [sssd[be[AD.COMPANY.COM]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900 (Thu Jul 19 23:40:44 2018) [sssd[be[AD.COMPANY.COM]]] [simple_bind_send] (0x0100): Executing simple bind as: sssd at ad.company.com (Thu Jul 19 23:40:44 2018) [sssd[be[AD.COMPANY.COM]]] [fo_set_port_status] (0x0100): Marking port 389 of server '192.168.192.50' as 'working' (Thu Jul 19 23:40:44 2018) [sssd[be[AD.COMPANY.COM]]] [set_server_common_status] (0x0100): Marking server '192.168.192.50' as 'working' (Thu Jul 19 23:40:44 2018) [sssd[be[AD.COMPANY.COM]]] [be_run_o...