Hi List

I've just tried to restart my IPA services after recently adding a new
replica (0 configuration changes on the IPA server otherwise!), but
ipactl fails when starting up named:

---
[root@lolpr-xyz-mstr slapd-XYZ-LOCAL]# ipactl start
Starting Directory Service
Starting krb5kdc Service
Starting kadmin Service
Starting named Service
Job for named.service failed. See 'systemctl status named.service' and
'journalctl -xn' for details.
Failed to start named Service
Shutting down
Aborting ipactl
---

I then manual start named service and try again, but then smb service fails:

---
[root@lolpr-xyz-mstr ~]# ipactl start
Existing service file detected!
Assuming stale, cleaning and proceeding
Starting Directory Service
Starting krb5kdc Service
Starting kadmin Service
Starting named Service
Starting ipa_memcached Service
Starting httpd Service
Starting pki-tomcatd Service
Starting smb Service
Job for smb.service failed. See 'systemctl status smb.service' and
'journalctl -xn' for details.
Failed to start smb Service
Shutting down
Aborting ipactl
---

systemctl status shows the following output for smb.service:

---
[root@lolpr-xyz-mstr ~]# systemctl -l status smb.service
smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled)
   Active: failed (Result: exit-code) since Wed 2015-04-01 09:21:10
AST; 1min 14s ago
  Process: 4662 ExecStart=/usr/sbin/smbd $SMBDOPTIONS (code=exited,
status=1/FAILURE)
 Main PID: 4662 (code=exited, status=1/FAILURE)
   Status: "Starting process..."
   CGroup: /system.slice/smb.service

Apr 01 09:21:09 lolpr-xyz-mstr.xyz.local smbd[4662]: GSSAPI client step 1
Apr 01 09:21:09 lolpr-xyz-mstr.xyz.local smbd[4662]: GSSAPI Error:
Unspecified GSS failure.  Minor code may provide more information
(Server ldap/lolpr-xyz-mstr@XYZ.LOCAL not found in Kerberos database)
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local smbd[4662]: [2015/04/01
09:21:10.211028,  0] ipa_sam.c:4440(pdb_init_ipasam)
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local smbd[4662]: Failed to get base DN.
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local smbd[4662]: [2015/04/01
09:21:10.211210,  0]
../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local smbd[4662]: pdb backend
ipasam:ldapi://%2fvar%2frun%2fslapd-XYZ-LOCAL.socket did not correctly
init (error was NT_STATUS_UNSUCCESSFUL)
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local systemd[1]: smb.service: main
process exited, code=exited, status=1/FAILURE
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local systemd[1]: Failed to start
Samba SMB Daemon.
Apr 01 09:21:10 lolpr-xyz-mstr.xyz.local systemd[1]: Unit smb.service
entered failed state.
Apr 01 09:21:12 lolpr-xyz-mstr.xyz.local systemd[1]: Stopped Samba SMB Daemon.
---


I manually try to start the smb service as follows, but can't (Of
course the directory service is not up, so there's a little catch22
there and this many not mean much):


---

[root@lolpr-xyz-mstr slapd-XYZ-LOCAL]# systemctl status smb.service
smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled)
   Active: failed (Result: exit-code) since Wed 2015-04-01 09:50:38 AST; 57s ago
  Process: 8089 ExecStart=/usr/sbin/smbd $SMBDOPTIONS (code=exited,
status=1/FAILURE)
 Main PID: 8089 (code=exited, status=1/FAILURE)
   Status: "Starting process..."

Apr 01 09:50:36 lolpr-xyz-mstr.xyz.local smbd[8089]: kerberos error:
code=-1765328228, message=Cannot contact any KDC for realm 'XYZ.LOCAL'
Apr 01 09:50:37 lolpr-xyz-mstr.xyz.local smbd[8089]: [2015/04/01
09:50:37.573772,  0] ipa_sam.c:4128(bind_callback_cleanup)
Apr 01 09:50:37 lolpr-xyz-mstr.xyz.local smbd[8089]: kerberos error:
code=-1765328228, message=Cannot contact any KDC for realm 'XYZ.LOCAL'
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local smbd[8089]: [2015/04/01
09:50:38.574722,  0] ipa_sam.c:4440(pdb_init_ipasam)
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local smbd[8089]: Failed to get base DN.
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local smbd[8089]: [2015/04/01
09:50:38.574903,  0]
../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local smbd[8089]: pdb backend
ipasam:ldapi://%2fvar%2frun%2fslapd-XYZ-LOCAL.socket did not correctly
init (error was NT_STATUS_UNSUCCESSFUL)
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local systemd[1]: smb.service: main
process exited, code=exited, status=1/FAILURE
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local systemd[1]: Failed to start
Samba SMB Daemon.
Apr 01 09:50:38 lolpr-xyz-mstr.xyz.local systemd[1]: Unit smb.service
entered failed state.
[root@lolpr-xyz-mstr slapd-XYZ-LOCAL]#

---

Please could someone advise me on how to drill deeper into debugging
this issue to get ipactl to start ?

NOTES:

- This server is successfully in a Trust relationship with ActiveDirectory.
- There are a number of replicas established which have been working
fine til this morning
- Another replica was added around the time of the failure using the
same steps as usual (not sure how this could be related)


Many thanks in advance,
Traiano

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to