Hi Jakub

The logs are captured at the same time from both servers, you are seeing
this difference because of different timezone setting.
IPA server was at EDT and the Linux machine is set to UTC, I have made that
fix now. Do you want me to send the logs again?



On Mon, Aug 21, 2017 at 8:12 PM, Jakub Hrozek <jhro...@redhat.com> wrote:

> The client and server logs are 4 hours apart, do you have log files that
> capture the same time interval?
>
> On Fri, Aug 18, 2017 at 07:52:44PM +0530, Supratik Goswami wrote:
> > Yes, sorry my mistake.
> >
> > Please find the log entries from both server and client
> >
> > On Fri, Aug 18, 2017 at 7:46 PM, Jakub Hrozek <jhro...@redhat.com>
> wrote:
> >
> > > On Fri, Aug 18, 2017 at 07:38:21PM +0530, Supratik Goswami wrote:
> > > > Here is my sssd.conf file
> > > >
> > > > [sssd]
> > > > config_file_version = 2
> > > > services = nss, sudo, pam, ssh
> > > > domains = ipadomain.com
> > > > default_domain_suffix = adadomain.com
> > > > full_name_format = %1$s
> > > >
> > > > [nss]
> > > > homedir_substring = /home
> > >
> > > --> the debug_level goes here
> > >
> > > >
> > > > [domain/ipadomain.com]
> > > > krb5_use_enterprise_principal = True
> > > >
> > > > debug_level = 9
> > > > krb5_store_password_if_offline = True
> > > > id_provider = ipa
> > > > auth_provider = ipa
> > > > access_provider = ipa
> > > > cache_credentials = True
> > > > krb5_store_password_if_offline = True
> > > > ipa_domain = ipadomain.com
> > > > ipa_hostname = ef01.ipadomain.com
> > > > ipa_server = ipa01.ipadomain.com
> > > > chpass_provider = ipa
> > > > ldap_tls_cacert = /etc/ipa/ca.crt
> > > > dns_discovery_domain = ipadomain.com
> > > >
> > > > entry_cache_timeout = 60
> > > > [pam]
> > > >
> > > > [sudo]
> > > >
> > > > [autofs]
> > > >
> > > > [ssh]
> > > >
> > > > [pac]
> > > >
> > > > [ifp]
> > > >
> > > > On Fri, Aug 18, 2017 at 7:28 PM, Supratik Goswami <
> > > supratiksek...@gmail.com>
> > > > wrote:
> > > >
> > > > >
> > > > >
> > > > > On Fri, Aug 18, 2017 at 7:20 PM, Jakub Hrozek via FreeIPA-users <
> > > > > freeipa-users@lists.fedorahosted.org> wrote:
> > > > >
> > > > >> On Fri, Aug 18, 2017 at 07:13:13PM +0530, Supratik Goswami via
> > > > >> FreeIPA-users wrote:
> > > > >> > When executed in the server I get the below logs
> > > > >> >
> > > > >> > (Fri Aug 18 08:18:26 2017) [sssd[nss]] [orderly_shutdown]
> (0x0010):
> > > > >> > SIGTERM: killing children
> > > > >> > (Fri Aug 18 08:20:04 2017) [sssd[nss]] [orderly_shutdown]
> (0x0010):
> > > > >> > SIGTERM: killing children
> > > > >> > (Fri Aug 18 08:20:11 2017) [sssd[nss]] [orderly_shutdown]
> (0x0010):
> > > > >> > SIGTERM: killing children
> > > > >> > (Fri Aug 18 08:23:32 2017) [sssd[nss]] [orderly_shutdown]
> (0x0010):
> > > > >> > SIGTERM: killing children
> > > > >> >
> > > > >> > In the client side the log file is empty
> > > > >>
> > > > >> Well, we don't log anything by default, you need to increase the
> debug
> > > > >> level. See https://docs.pagure.org/SSSD.
> sssd/users/troubleshooting.
> > > html
> > > > >>
> > > > >>
> > > > > I have set the debug level to 9 but still does not log anything.
> > > > >
> > > > > debug_level = 9
> > > > >
> > > > >
> > > > >> >
> > > > >> > I also looked at the option full_name_format to see if I can
> use the
> > > > >> > username and ignore the domain altogether for displaying.
> > > > >> > As per the documentation "full_name_format parameter sets how
> the
> > > user
> > > > >> name
> > > > >> > and domain name (once determined) are displayed".
> > > > >> > But when I set it to *full_name_format = %1$s*  I am not able to
> > > login
> > > > >>
> > > > >> This won't work on the server at least, but should work on the
> > > clients.
> > > > >> But I would suggest to not change the defaults much and only
> deviate
> > > > >> from the defaults once the baseline works.
> > > > >>
> > > > >
> > > > > I am trying at the client side but after I update this parameter
> login
> > > > > breaks completely.
> > > > >
> > > > >
> > > > >
> > > > >> _______________________________________________
> > > > >> FreeIPA-users mailing list -- freeipa-users@lists.
> fedorahosted.org
> > > > >> To unsubscribe send an email to freeipa-users-le...@lists.fedo
> > > > >> rahosted.org
> > > > >>
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Warm Regards
> > > > >
> > > > > Supratik
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Warm Regards
> > > >
> > > > Supratik
> > >
> >
> >
> >
> > --
> > Warm Regards
> >
> > Supratik
>
>
>
>


-- 
Warm Regards

Supratik
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to