See inline..
On Wed, Jan 31, 2018 at 03:23:57AM -0500, TomK wrote:
On 1/31/2018 3:18 AM, TomK via FreeIPA-users wrote:
My bad, did not include sssd-users earlier. :(
> Hey All,
>
> I'm wondering if anyone came across this error below. We have two RHEL
> 7.4 servers with SSSD 1.15.2: http-srv01 and http-srv02
>
> Both connect to the same AD DC host below:
addc-srv03.addom.com.
> Verified krb5.conf and sssd.conf both are identical. We can login on
> the http-srv01 and can list all groups for an AD account.
>
> On http-srv02 we cannot login and any group listing from the CLI result
> only in the user's local groups. No AD groups.
>
> Logs give us the output below. Short of adding in the entire log which
> I might not be able to do till the end of the week, what could we look
> at to resolve this?
>
> There's very little available online on this error. The RH solution
> doesn't make sense since the first host connects and authenticates users
> just fine so it's definitely GC enabled.
>
--
Cheers,
Tom K.
-------------------------------------------------------------------------------------
Living on earth is expensive, but it includes a free trip around the sun.
samba-libs-4.6.2-12.el7_4.x86_64
samba-client-libs-4.6.2-12.el7_4.x86_64
sssd-1.15.2-50.el7_4.6.x86_64
openldap-2.4.44-5.el7.x86_64
sssd-ldap-1.15.2-50.el7_4.6.x86_64
sssd-common-pac-1.15.2-50.el7_4.6.x86_64
samba-winbind-clients-4.6.2-12.el7_4.x86_64
samba-common-4.6.2-12.el7_4.noarch
sssd-client-1.15.2-50.el7_4.6.x86_64
sssd-proxy-1.15.2-50.el7_4.6.x86_64
samba-winbind-modules-4.6.2-12.el7_4.x86_64
python-sssdconfig-1.15.2-50.el7_4.6.noarch
sssd-ipa-1.15.2-50.el7_4.6.x86_64
samba-common-libs-4.6.2-12.el7_4.x86_64
sssd-krb5-common-1.15.2-50.el7_4.6.x86_64
samba-winbind-4.6.2-12.el7_4.x86_64
sssd-krb5-1.15.2-50.el7_4.6.x86_64
sssd-ad-1.15.2-50.el7_4.6.x86_64
sssd-common-1.15.2-50.el7_4.6.x86_64
samba-common-tools-4.6.2-12.el7_4.x86_64
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_dispatch] (0x4000): dbus
conn: 0x55b2e22e8700
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_dispatch] (0x4000):
Dispatching.
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_message_handler]
(0x2000): Received SBUS method
org.freedesktop.sssd.dataprovider.getAccountInfo on path
/org/freedesktop/sssd/dataprovider
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sbus_get_sender_id_send]
(0x2000): Not a sysbus message, quit
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_get_account_info_handler]
(0x0200): Got request for [0x2][BE_REQ_GROUP][name=unix-admin-group@addom]
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_attach_req] (0x0400): DP
Request [Account #4]: New request. Flags [0x0001].
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_attach_req] (0x0400):
Number of active DP request: 1
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sss_domain_get_state]
(0x1000): Domain ADDOM is Active
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sss_domain_get_state]
(0x1000): Domain ADDOM is Active
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sdap_id_op_connect_step]
(0x4000): beginning to connect
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'AD_GC'
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [get_server_status] (0x1000):
Status of server 'addc-srv03.addom.com' is 'working'
(Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [get_port_status] (0x1000):
Port status of port 0 for server 'addc-srv03.addom.com' is 'not working'
What debug level are you running with? Is this the first occurence of
'port not working' since sssd started?
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [get_port_status] (0x0080):
> SSSD is unable to complete the full connection request, this internal status
> does not necessarily indicate network port issues.
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [fo_resolve_service_send]
> (0x0020): No available servers for service 'AD_GC'
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [be_resolve_server_done]
> (0x1000): Server resolution failed: [5]: Input/output error
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sdap_id_op_connect_done]
> (0x0400): Failed to connect to server, but ignore mark offline is enabled.
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [sdap_id_op_connect_done]
> (0x4000): notify error to op #1: 5 [Input/output error]
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_req_done] (0x0400): DP
> Request [Account #4]: Request handler finished [0]: Success
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [_dp_req_recv] (0x0400): DP
> Request [Account #4]: Receiving request data.
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_req_reply_list_success]
> (0x0400): DP Request [Account #4]: Finished. Success.
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_req_reply_std] (0x1000): DP
> Request [Account #4]: Returning [Internal Error]: 3,5,Group lookup failed
> (Tue Jan 30 19:00:01 2018) [sssd[be[ADDOM]]] [dp_table_value_destructor]
> (0x0400): Removing [0:1:0x0001:2::ADDOM:name=unix-admin-group@addom] from
> reply
> _______________________________________________
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org