On Mon, 10 Nov 2014, William Muriithi wrote:
less /var/log/sssd/sssd_example.loc.log

(Mon Nov 10 15:58:21 2014) [sssd[be[example.loc]]] [fo_set_port_status] 
(0x0100): Marking port 389 of server 'ipa3-yyz-int.example.loc' as 'working'
(Mon Nov 10 15:58:21 2014) [sssd[be[example.loc]]] [set_server_common_status] 
(0x0100): Marking server 'ipa3-yyz-int.example.loc' as 'working'
(Mon Nov 10 16:01:44 2014) [sssd[be[example.loc]]] [be_get_account_info] 
(0x0100): Got request for [4097][1][name=wmuriithi]
(Mon Nov 10 16:01:44 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] 
(0x0040): s2n exop request failed.
(Mon Nov 10 16:01:44 2014) [sssd[be[example.loc]]] [acctinfo_callback] 
(0x0100): Request processed. Returned 3,1432158221,Account info lookup failed
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [be_get_account_info] 
(0x0100): Got request for [4097][1][name=wmuriithi]
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] 
(0x0040): s2n exop request failed.
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [acctinfo_callback] 
(0x0100): Request processed. Returned 3,1432158221,Account info lookup failed
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [be_get_account_info] 
(0x0100): Got request for [4097][1][name=wmuriithi]
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] 
(0x0040): s2n exop request failed.
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [acctinfo_callback] 
(0x0100): Request processed. Returned 3,1432158221,Account info lookup failed
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [be_get_account_info] 
(0x0100): Got request for [4097][1][name=wmuriithi]
(Mon Nov 10 16:01:57 2014) [sssd[be[example.loc]]] [ipa_s2n_get_user_done] 
(0x0040): s2n exop request failed.

Does this mean I have to recreate the trust relationship?  I didn't get
any error when I set up the trust last week and uncertain recreating
the trust would help.  Would highly appreciate any pointers on what
would be best way forward.
's2n exop request failed' above tells that communication to IPA master
didn't succeed in looking up AD users and groups. You need to enable
debug in sssd on IPA master and provide logs from there.

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to