On 06/04/2015 05:13 PM, Sina Owolabi wrote: > Hi Martin > > I have deleted everything in /var/lib/sss/db/ and restarted sssd, > no luck.
In that case, I am afraid you might need to enable sudo and SSSD debug (https://fedorahosted.org/sssd/wiki/Troubleshooting) and see where it hans. Also CCing sudo/sssd SMEs to be aware. > > On Thu, Jun 4, 2015 at 4:10 PM, Martin Kosek <mko...@redhat.com> wrote: >> On 06/04/2015 05:06 PM, Cory Carlton wrote: >>> I would check for DNS resolution from the machine executing the sudo, to >>> the IPA server. >> >> I would also suggest cleaning SSSD caches, since you reinstalled against the >> same domain, but actually different server (/var/lib/sss/db/) >> >>> On Thu, Jun 4, 2015 at 9:54 AM, Sina Owolabi <notify.s...@gmail.com> wrote: >>> >>>> Hi >>>> >>>> I recently had to remove and reinstall a fresh IPA server. I am >>>> currently re-enrolling all the ipa clients to the recently refreshed >>>> domain (same name as the previous realm and domain). The new IPA >>>> master is RHEL7.1 with IPA 4.1.3. >>>> >>>> All client servers are running RHEL6.6. >>>> >>>> I also have sudorule that allows a group to have access to run all >>>> commands on all servers: >>>> >>>> Rule name: All >>>> Enabled: TRUE >>>> Host category: all >>>> Command category: all >>>> User Groups: superusers >>>> Sudo Option: !authenticate >>>> ---------------------------- >>>> >>>> I noticed that trying to run sudo on a few of the servers makes the >>>> command hang indefinitely. >>>> I am not sure what is the cause and where to look. Please what can I >>>> do to troubleshoot and fix this? >>>> >>>> -- >>>> Manage your subscription for the Freeipa-users mailing list: >>>> https://www.redhat.com/mailman/listinfo/freeipa-users >>>> Go to http://freeipa.org for more info on the project >>>> >>> >>> >>> >> -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project