On Mon, Aug 25, 2014 at 08:02:02AM -0400, Megan . wrote: > Below is the output from the sss_<domain>.log when i ran the sudo > command as the user. I see things about offline replies and LDAP not > working. Is this my problem or is this part of a normal series of > items that are tried? > > > (Mon Aug 25 11:54:46 2014) [sssd[be[server.example.com]]] > [be_resolve_server_process] (0x0200): Found address for server > dir1.server.example.com: [10.10.26.148] TTL 7200 > > (Mon Aug 25 11:54:46 2014) [sssd[be[server.example.com]]] > [child_sig_handler] (0x0100): child [17823] finished successfully. > > (Mon Aug 25 11:54:46 2014) [sssd[be[server.example.com]]] > [sdap_kinit_done] (0x0100): Could not get TGT: 14 [Bad address]
It appears your keytab is wrong. Can you run: kinit -k as root on that machine? If you prepend KRB5_TRACE you will see a lot of debugging info. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project