I have troubleshooted it. Unable to replicate the issue again. Is there any
suggestion of possible cause. I saw IPA server took long to respond as
ipactl status took almost 3-4 mins to provide status.
*Best Regards,*
*__________________________________________*
*Yogesh Sharma*
*Email: yks0000(a)gmail.com <yks0000(a)gmail.com> | Web:
www.initd.in
<
http://www.initd.in/> *
*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
<
https://www.fb.com/yks0000> <
http://in.linkedin.com/in/yks0000>
<
https://twitter.com/checkwithyogesh>
<
http://google.com/+YogeshSharmaOnGooglePlus>
On Sun, Sep 20, 2015 at 9:42 PM, Yogesh Sharma <yks0000(a)gmail.com> wrote:
Regarding, custom values, they are in domain tab. Is it correct ,
should
they be in sudo tab?
On server offline issue, I am checking as suggested. Full log has been
sent.
-Yogesh Sharma
(Sent from my HTC)
On 20-Sep-2015 9:20 pm, "Jakub Hrozek" <jhrozek(a)redhat.com> wrote:
> On Sat, Sep 19, 2015 at 03:15:56PM +0530, Yogesh Sharma wrote:
> > Hi,
> >
> > I am sorry, I did captured it but forget to send.
> >
> > .
> >
> > Apart from SSSD issue of being went in Offline mode. I have few other
> > concern:
> >
> > 1. I have explicitly defined below values in sssd, though SSSD is taking
> > the other values.
> >
> > My Values:
> >
> > ldap_sudo_smart_refresh_interval = 60
> > ldap_enumeration_refresh_timeout = 60
> > ldap_purge_cache_timeout = 60
>
> Are you sure you put them into the right section? Feel free to send the
> complete config file.
>
> >
> >
> > SSSD Domain Logs:
> >
> > (Fri Sep 18 13:49:33 2015) [sssd[be[klikpay.int]]] [dp_get_options]
> > (0x0400): Option ldap_sudo_smart_refresh_interval has value 900
> > (Fri Sep 18 13:49:33 2015) [sssd[be[klikpay.int]]] [dp_get_options]
> > (0x0400): Option ldap_enumeration_refresh_timeout has value 300
> > (Fri Sep 18 13:49:33 2015) [sssd[be[klikpay.int]]] [dp_get_options]
> > (0x0400): Option ldap_purge_cache_timeout has value 3600
> >
> >
> > *Logs related to sssd Offline Mode:*
> >
> > (Fri Sep 18 13:49:46 2015) [sssd[be[klikpay.int]]]
> > [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
> > (Fri Sep 18 13:49:46 2015) [sssd[be[klikpay.int]]] [get_server_status]
> > (0x1000): Status of server 'ipa-inf-prd-ng2-01.klikpay.int' is
'name
> > resolved'
> > (Fri Sep 18 13:49:46 2015) [sssd[be[klikpay.int]]] [get_port_status]
> > (0x1000): Port status of port 389 for server '
> ipa-inf-prd-ng2-01.klikpay.int'
> > is 'not working'
> > (Fri Sep 18 13:49:46 2015) [sssd[be[klikpay.int]]] [get_server_status]
> > (0x1000): Status of server 'ipa-inf-prd-ng2-02.klikpay.int' is
'name
> > resolved'
> > (Fri Sep 18 13:49:46 2015) [sssd[be[klikpay.int]]] [get_port_status]
> > (0x1000): Port status of port 389 for server '
> ipa-inf-prd-ng2-02.klikpay.int'
> > is 'not working'
>
> Sorry, I think I still need a bit more context. Here the server is
> already not working, we need to find out the spot where it was marked as
> wrong (older version's logging was somewhat poor in this respect..)
>
> But off-bat, I'd check if you can search the ldap server using the same
> authentication (keyta I guess?) as SSSD uses.
>