On Tue, Sep 24, 2013 at 09:38:49PM +0400, Михаил А wrote: > ok, all sssd logs > > > 2013/9/24 Jakub Hrozek <jhro...@redhat.com> > > > On Tue, Sep 24, 2013 at 03:00:22PM +0400, Михаил А wrote: > > > [sssd] > > > services = nss, pam, ssh > > > config_file_version = 2 > > > debug_level = 5 > > > domains = ipa.sys.local > > > > Please put the debug_level directive to the [domain] section and then > > attach /var/log/sssd/sssd_$domain.log
It seems that the SSSD has trouble contacting the AD from the replica: Tue Sep 24 21:17:38 2013) [sssd[be[ipa.sys.local]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://pk429ad-dc01.sys.local' (Tue Sep 24 21:17:38 2013) [sssd[be[ipa.sys.local]]] [ad_resolve_callback] (0x0100): Constructed GC uri 'ldap://pk429ad-dc01.sys.local' (Tue Sep 24 21:17:44 2013) [sssd[be[ipa.sys.local]]] [sdap_async_sys_connect_timeout] (0x0100): The LDAP connection timed out (Tue Sep 24 21:17:44 2013) [sssd[be[ipa.sys.local]]] [sss_ldap_init_sys_connect_done] (0x0020): sdap_async_sys_connect request failed. (Tue Sep 24 21:17:44 2013) [sssd[be[ipa.sys.local]]] [sdap_sys_connect_done] (0x0020): sdap_async_connect_call request failed. (Tue Sep 24 21:17:44 2013) [sssd[be[ipa.sys.local]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'pk429ad-dc01.sys.local' as 'not working' (Tue Sep 24 21:17:44 2013) [sssd[be[ipa.sys.local]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'sys.local' (Tue Sep 24 21:17:44 2013) [sssd[be[ipa.sys.local]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved Can you check the connectivity from the replica? _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
