Hi all,
I've just built a RHEL 6.7 Beta VM to test the new SSSD release, and have
come across a strange issue.
I can successfully kinit and join our AD domain with "net ads join -k" but
sssd won't start. The logs contain:
[ad_set_ad_id_options] (0x0100): Option krb5_realm set to
EXAMPLE.COM
[sdap_set_sasl_options] (0x0100): Will look for
rhel67.example.com(a)EXAMPLE.COM in default keytab
[select_principal_from_keytab] (0x0200): trying to select the most
appropriate principal from keytab
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[find_principal_in_keytab] (0x0020): krb5_kt_start_seq_get failed.
[select_principal_from_keytab] (0x0080): No suitable principal found in
keytab
[select_principal_from_keytab] (0x0010): Failed to read keytab [default]:
No such file or directory
[ad_set_ad_id_options] (0x0040): Cannot set the SASL-related options
[load_backend_module] (0x0010): Error (2) in module (ad) initialization
(sssm_ad_id_init)!
[be_process_init] (0x0010): fatal error initializing data providers
Had a little feedback from Lukas, who suggested I ran "klist -kt". This
gives:
# klist -kt
Keytab name: FILE:/etc/krb5.keytab
klist: No such file or directory while starting keytab scan
Any ideas?
John
--
John Beranek To generalise is to be an idiot.
http://redux.org.uk/ -- William Blake