I am using rsyslog RELP (reliable event log processing) to steal away logs over syslog-tcp with fifo buffer to store them in a central database, so journalctl is the only local log on the box.  The /var/log/sssd/* files are mostly empty.  The only info in there is about an explicit kerberos setting not being set and having to use a different directives value for kerberos.

Either way, the logs dont have much to go on.  I will check my database for any of the logs I can find, but I think I did already and I dont think there was other info in there.

I'll also see what I can do with the link you sent.

Thanks.

On Aug 14, 2015 4:20 AM, "Jakub Hrozek" <jhrozek@redhat.com> wrote:
On Thu, Aug 13, 2015 at 05:11:41PM -0400, Brendan Kearney wrote:
> On 08/13/2015 03:45 AM, Jakub Hrozek wrote:
> >On Wed, Aug 12, 2015 at 09:48:38PM -0400, Brendan Kearney wrote:
> >>i have a fedora 20 install on a desktop that is working and autofs will read
> >>the auto.master from ldap and i can mount the shares specified in
> >>auto.shares listed.
> >>
> >>i have a fedora 20 install on a laptop that will not work and cannot read
> >>the auto.master from ldap.
> >>
> >>i have done everything i can think of to make the 2 as "apples to apples"
> >>identical as i can, but still cannot get autofs to read the auto.master from
> >>ldap.
> >>
> >>[root@laptop ~]# automount -fd -vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
> >>Starting automounter version 5.0.7-42.fc20, master map auto.master
> >>using kernel protocol version 5.02
> >>lookup_nss_read_master: reading master sss auto.master
> >>parse_init: parse(sun): init gathered global options: (null)
> >>spawn_mount: mtab link detected, passing -n to mount
> >>spawn_umount: mtab link detected, passing -n to mount
> >>setautomntent: lookup(sss): setautomntent: No such file or directory
> >>lookup_nss_read_master: auto.master not found, replacing '.' with '_'
> >>parse_init: parse(sun): init gathered global options: (null)
> >>spawn_mount: mtab link detected, passing -n to mount
> >>spawn_umount: mtab link detected, passing -n to mount
> >>setautomntent: lookup(sss): setautomntent: No such file or directory
> >This message just means that there are no more maps in the table.
> >
> >>no mounts in table
> >>^Cautofs stopped
> >>
> >>i believe i am hung up by the setautomntent: no such file or directory line.
> >>the configs are pretty much copied from the working desktop.  any help is
> >>appreciated.
> >>
> >>*sssd.conf**:*
> >>[sssd]
> >>domains = bpk2.com
> >>services = nss, pam, sudo, autofs
> >>config_file_version = 2
> >>#debug_level = 4
> >>
> >>[nss]
> >>filter_groups = root
> >>filter_users = root
> >>
> >>[pam]
> >>
> >>[sudo]
> >>
> >>[autofs]
> >>
> >>[domain/bpk2.com]
> >>#debug_level = 4
> >>id_provider = ldap
> >>ldap_schema = rfc2307bis
> >>ldap_uri = _srv_,ldap://ldap1.bpk2.com,ldap://ldap2.bpk2.com
> >>ldap_search_base = dc=bpk2,dc=com
> >>ldap_sasl_mech = GSSAPI
> >>ldap_sasl_authid = host/laptop.bpk2.com
> >>ldap_sasl_realm = BPK2.COM
> >>
> >>auth_provider = krb5
> >>krb5_server = _srv_,kerberos.bpk2.com
> >>krb5_realm = BPK2.COM
> >>krb5_renewable_lifetime = 7d
> >>krb5_lifetime = 24h
> >>krb5_renew_interval = 1h
> >>krb5_store_password_if_offline = true
> >>cache_credentials = true
> >>
> >>sudo_provider = ldap
> >>ldap_sudo_search_base = ou=SUDO Groups,ou=Roles,dc=bpk2,dc=com
> >>
> >>autofs_provider = ldap
> >>ldap_autofs_search_base = cn=autofs,ou=Daemons,dc=bpk2,dc=com
> >>ldap_autofs_map_object_class = automountMap
> >>ldap_autofs_entry_object_class = automount
> >>ldap_autofs_map_name = automountMapName
> >>ldap_autofs_entry_key = automountKey
> >>ldap_autofs_entry_value = automountInformation
> >>
> >>#min_id = 1000
> >>#max_id = 2000
> >>enumerate = false
> >The config looks OK..
> >
> >>*autofs_ldap_auth.conf**:*
> >You don't need this config file unless you're also using the ldap direct
> >integration.
> >
> >I would suggest to debug like this:
> >     - stop automounter
> >     - enable verbose (7+) debug_level in the autofs and domain sections
> >     - start sssd
> >     - run 'date' to pair the timestamp in the logs with the system clock
> >     - start automounter -m on the foreground
> >     - run date again to know the timestamp of request end
> >     - check out autofs responder and domain logs
> >_______________________________________________
> >sssd-users mailing list
> >sssd-users@lists.fedorahosted.org
> >https://lists.fedorahosted.org/mailman/listinfo/sssd-users
> [root@laptop ~]# date
> Thu Aug 13 17:06:07 EDT 2015
> [root@laptop ~]# automount -m
>
> autofs dump map information
> ===========================
>
> global options: none configured
> no master map entries found
>
> [root@laptop ~]# date
> Thu Aug 13 17:06:22 EDT 2015
>
> [root@laptop ~]# journalctl -u autofs
> ...
> Aug 13 17:05:12 laptop systemd[1]: Stopped Automounts filesystems on demand.
>
> [root@laptop ~]# journalctl -u sssd
                   ~~~~~~~~~~~~~~~~~~

The useful info would be in /var/log/sssd/*.log. We don't really log too
much to journald by default (although it's possible to configure
journald to be used for debug messages as well).

See https://fedorahosted.org/sssd/wiki/Troubleshooting for more details
on getting the logs.
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users