On Thu, Jan 09, 2020 at 03:20:32PM -0700, Orion Poplawski wrote:
I'm seeing the following in my sssd_DOMAIN.log:
Hi,
which version of SSSD are you using and how does your sssd.conf looks
like?
(Thu Jan 9 15:03:30 2020) [sssd[be[DOMAIN]]] [be_resolve_server_process]
(0x0200): Found address
for server SERVER.DOMAIN: [XX.XX.XX.XX] TTL 86400
(Thu Jan 9 15:03:30 2020) [sssd[be[DOMAIN]]] [ipa_resolve_callback] (0x0400):
Constructed uri 'ldap://SERVER.DOMAIN'
(Thu Jan 9 15:03:30 2020) [sssd[be[DOMAIN]]] [fo_get_server_hostent]
(0x0020): Bug: Trying to get hostent from a name-less server
Do you see this all the time or only for a particular server?
(Thu Jan 9 15:03:30 2020) [sssd[be[DOMAIN]]]
[write_krb5info_file_from_fo_server] (0x0020): Server without name and address
found in list.
(Thu Jan 9 15:03:30 2020) [sssd[be[DOMAIN]]]
[krb5_add_krb5info_offline_callback] (0x4000): Removal callback already
available for service [IPA].
Are the messages in the middle anything to worry about? Doesn't sound
particularly good.
Some time ago the handling of the krb5info files for the Kerberos
locator plugin was enhanced by adding not only the IP address of the
current KDC to the file but the names of the next ones SSSD would
consider as well. With this other Kerberos clients have a chance to fall
back to other KDC if the one currently preferred by SSSD in not
available anymore and SSSD so far didn't notice this.
The error comes from this part of the code. So I think the worst case
would be that some KDC names in the krb5info file might be missing.
HTH
bye,
Sumit
Thanks,
Orion
--
Orion Poplawski
Manager of NWRA Technical Systems 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion(a)nwra.com
Boulder, CO 80301
https://www.nwra.com/
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...