Thanks for your help, everyone!
On 01/16/2014 11:52 AM, Jan Cholasta wrote:
I think you can just comment out the whole [domain/] section in sssd.conf and restart sssd. Does that solve the problem? If not, could you please post your sssd.conf here?On 16.1.2014 11:21, Bret Wortman wrote:Yes, though there should be only one. We ended up somehow with foo.com and .foo.com and I'm not sure how to reduce us properly to just foo.com.Bret Wortman http://bretwortman.com/ http://twitter.com/BretWortmanOn Jan 16, 2014, at 4:42 AM, Jan Cholasta <jchol...@redhat.com> wrote:OK, there is definitely something going on in the client then. Are there multiple domains configured in sssd.conf?On 15.1.2014 13:56, Bret Wortman wrote: The fingerprint does match.On 01/15/2014 03:33 AM, Jan Cholasta wrote:On 14.1.2014 12:34, Bret Wortman wrote:The key in /etc/ssh/ssh_host_rsa_key.pub matches what's in IPA for the host in question. It should not have had any connectivity issues; it'sco-located with several of our IPA masters.Can you also check if the MD5 fingerprint reported by ssh (e.g.2a:1e:1c:87:33:44:fb:87:ab:6f:ee:80:d5:21:7e:ab in your original post)matches the MD5 fingerprint for the host in IPA?-- Jan Cholasta
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users