On 4 March 2015 at 20:09, Wolfgang Schweer <[email protected]> wrote:
> On Wed, Mar 04, 2015 at 06:38:43PM +0530, uday bhatye wrote: > > > > remaining things in the file are like > > > > [libdefaults] > > default_realm = reached > > ... > > .... > > .... > > > > [domain_realm] > > intern = reached > > .intern = reached > > IIRC these 'reached' entries are created if name resolution is too slow > or failing. Then the last word of some error output like 'no servers > could be reached' is put into the file instead of the right server name. > > > I used > http://ftp.skolelinux.org/skolelinux-cd/debian-edu-7.1+edu0-USB.iso > > with verified checksum for install but no internet connection during > > install. > > Most probably the missing internet connection is the reason for the > failing name resolution. If i remember correctly I faced the same > problem some time ago. > > > Now many users are using the system > > Great. > > > If something has went wrong in install, is there any way to > detect/correct > > it before it comes to jessie upgrade? > > Run 'debian-edu-test-install' and check the output. But I'm almost sure > that this 'reached' issue is the only wrong thing. > > debian-edu-test-install>~/testreport_11_03_15 and cat ~/testreport_11_03_15 |grep '^error' gives error: ./cups: URL 'https://www:631/' is not working. error: ./cups: URL 'https://localhost:631/' is not working. error: ./doc: Release manual have 6 FIXMEs. Please fix at http://wiki.debian.org/DebianEdu/Documentation/Wheezy . error: ./filesystems: No lost+found in /skole/tjener/home0/. Blocked by autofs? error: ./nagios: Nagios count NUMSVCCRIT is not zero but 30. error: ./nagios: Nagios count NUMSVCUNKN is not zero but 15. error: ./sudo: files is not enabled for sudoers in nsswitch.conf (This is before applying below mentioned fix) > You should be able to create the correct file this way: > > (1) Enter the LTSP chroot: ltsp-chroot -a i386 > (2) Run '/usr/share/debian-edu-config/tools/sssd-generate-config -k > > /etc/krb5.conf > (3) Run 'exit' to leave the chroot. > > Did this. But, now clients fail to boot and stop at starting NTP server. So, reverted to old (ltsp-chroot)/etc/krb5.conf The file I get is indeed as below. > The content of /opt/ltsp/i386/etc/krb5.conf should be like this: > --------------------------------------------------------------------------- > # Generated using /usr/share/debian-edu-config/tools/sssd-generate-config > -k > [libdefaults] > default_realm = INTERN > > # The following krb5.conf variables are only for MIT Kerberos. > krb4_config = /etc/krb.conf > krb4_realms = /etc/krb.realms > kdc_timesync = 1 > ccache_type = 4 > forwardable = true > proxiable = true > > # The following encryption type specification will be used by MIT Kerberos > # if uncommented. In general, the defaults in the MIT Kerberos code are > # correct and overriding these specifications only serves to disable new > # encryption types as they are added, creating interoperability problems. > # > # Thie only time when you might need to uncomment these lines and change > # the enctypes is if you have local software that will break on ticket > # caches containing ticket encryption types it doesn't know about (such as > # old versions of Sun Java). > > # default_tgs_enctypes = des3-hmac-sha1 > # default_tkt_enctypes = des3-hmac-sha1 > # permitted_enctypes = des3-hmac-sha1 > > # The following libdefaults parameters are only for Heimdal Kerberos. > v4_instance_resolve = false > v4_name_convert = { > host = { > rcmd = host > ftp = ftp > } > plain = { > something = something-else > } > } > fcc-mit-ticketflags = true > > [realms] > INTERN = { > kdc = kerberos > admin_server = kerberos > } > > [domain_realm] > intern = INTERN > .intern = INTERN > > [login] > krb4_convert = true > krb4_get_tickets = false > ---------------------------------------------------------- > > Wolfgang > >
