[Freeipa-users] User AD can not Login Client Linux

Sun, 23 Aug 2015 06:29:43 -0700 

Hi i install Centos 7.1 (IDM Server)
and integrate with Windows SERVER 2008 R2 Trust
USER AD can not Login on client (OLE 6.6) but User create idm can login

name IDM SERVER= ipasrv.l.infotechpsp.net
domain Windows = infotechpsp.net

i execute [ kinit [email protected]] on IDM Server
and klist and show keytab abagheri
but execute     kvno [email protected]
get ERROR kvno Server not found in kerberos database
please help me and thank you

KLIST
================================

Valid starting     Expires            Service principal
08/23/15 17:09:53  08/24/15 03:11:34  krbtgt/[email protected]
        renew until 08/24/15 17:09:53

==================================

Tail LOG /var/log/secure
==================================
Aug 23 17:08:19 ussd7 sshd[10280]: Invalid user [email protected]
from 172.26.26.34
Aug 23 17:08:19 ussd7 sshd[10281]: input_userauth_request: invalid user
[email protected]
Aug 23 17:08:27 ussd7 sshd[10280]: pam_unix(sshd:auth): check pass; user
unknown
Aug 23 17:08:27 ussd7 sshd[10280]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.26.26.34
Aug 23 17:08:28 ussd7 sshd[10280]: pam_succeed_if(sshd:auth): error
retrieving information about user [email protected]
Aug 23 17:08:30 ussd7 sshd[10280]: Failed password for invalid user
[email protected] from 172.26.26.34 port 63552 ssh2

=====================================

Tail LOG /var/log/sssd/ssd_l.infotechpsp.net debug_level = 6
=====================================
sssd_l.infotechpsp.net
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[be_get_subdomains] (0x0400): Got get subdomains [forced][infotechpsp.net]
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is neutral
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0400): SRV resolution of service 'IPA'. Will use DNS discovery domain '
l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_cont]
(0x0100): Searching for servers via SRV query '_ldap._tcp.l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._
tcp.l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_done]
(0x0400): Inserted server 'ipasrv.l.infotechpsp.net:389' for service IPA
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_srv_data_status] (0x0100): Marking SRV lookup of service 'IPA' as
'resolved'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of '
ipasrv.l.infotechpsp.net' in files
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'resolving name'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record
of 'ipasrv.l.infotechpsp.net' in files
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_next] (0x0200): No more address families to retry
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of '
ipasrv.l.infotechpsp.net' in DNS
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'name resolved'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420165]
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:45 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13370] finished successfully.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTTrustedDomain][cn=trusts,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [be_run_online_cb]
(0x0080): Going online. Running callbacks.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaIDRange][cn=ranges,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTDomainAttrs][cn=ad,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[get_subdomains_callback] (0x0400): Backend returned: (0, 0, <NULL>)
[Success]
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_get_account_info] (0x0100): Got request for [4097][1][name=abagheri]
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[delayed_online_authentication_callback] (0x0200): Backend is online,
starting delayed online authentication.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13378] finished successfully.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420166]
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTTrustedDomain][cn=trusts,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaIDRange][cn=ranges,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[objectclass=ipaNTDomainAttrs][cn=ad,cn=etc,dc=l,dc=infotechpsp,dc=net].
(Sun Aug 23 17:12:46 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420166]
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13387] finished successfully.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420167]
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13390] finished successfully.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:47 2015) [sssd[be[l.infotechpsp.net]]]
[acctinfo_callback] (0x0100): Request processed. Returned 3,5,User lookup
failed
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[be_get_account_info] (0x0100): Got request for [4097][1][name=abagheri]
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:51 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420171]
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_cli_auth_step] (0x0100): expire timeout is 900
(Sun Aug 23 17:12:52 2015) [sssd[be[l.infotechpsp.net]]] [sasl_bind_send]
(0x0100): Executing sasl bind mech: GSSAPI, user: host/
ussd7.l.infotechpsp.net
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13440] finished successfully.
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[fo_set_port_status] (0x0100): Marking port 389 of server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[set_server_common_status] (0x0100): Marking server '
ipasrv.l.infotechpsp.net' as 'working'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_send] (0x0400): Executing extended operation
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_exop_done] (0x0400): ldap_extended_operation result: Operations
error(1), (null)
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_s2n_get_user_done] (0x0040): s2n exop request failed.
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[ipa_resolve_callback] (0x0400): Constructed uri 'ldap://
ipasrv.l.infotechpsp.net'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(objectclass=*)][].
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg
set
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [sdap_kinit_send]
(0x0400): Attempting kinit (default, host/ussd7.l.infotechpsp.net,
L.INFOTECHPSP.NET, 86400)
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA'
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[be_resolve_server_process] (0x0200): Found address for server
ipasrv.l.infotechpsp.net: [10.30.160.19] TTL 1200
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[child_sig_handler] (0x0100): child [13463] finished successfully.
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[read_pipe_handler] (0x0400): EOF received, client finished
(Sun Aug 23 17:12:53 2015) [sssd[be[l.infotechpsp.net]]]
[sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/
ccache_L.INFOTECHPSP.NET], expired on [1440420173]
========================================================

KRB5_TRACE=/dev/stdout kinit [email protected]
=========================================================
[30728] 1440335311.68980: Getting initial credentials for
[email protected]
[30728] 1440335311.69469: Sending request (189 bytes) to INFOTECHPSP.NET
[30728] 1440335311.78681: Resolving hostname mdc2.infotechpsp.net.
[30728] 1440335311.80054: Sending initial UDP request to dgram
10.30.160.10:88
[30728] 1440335311.81614: Received answer from dgram 10.30.160.10:88
[30728] 1440335311.82441: Response was not from master KDC
[30728] 1440335311.82480: Received error from KDC: -1765328359/Additional
pre-authentication required
[30728] 1440335311.82540: Processing preauth types: 16, 15, 19, 2
[30728] 1440335311.82564: Selected etype info: etype aes256-cts, salt
"INFOTECHPSP.NETabagheri", params ""
Password for [email protected]:
[30728] 1440335316.413940: AS key obtained for encrypted timestamp:
aes256-cts/6EB2
[30728] 1440335316.414096: Encrypted timestamp (for 1440335316.413959):
plain 301AA011180F32303135303832333133303833365AA1050203065107, encrypted
C21063B913A873247164036343C8C18198FB7A19A6341F1BD48CBF3CECE5772023954D0F8850CE61309443C53704E259ACBE25CF920CABA4
[30728] 1440335316.414152: Preauth module encrypted_timestamp (2) (flags=1)
returned: 0/Success
[30728] 1440335316.414166: Produced preauth for next request: 2
[30728] 1440335316.414212: Sending request (269 bytes) to INFOTECHPSP.NET
[30728] 1440335316.416361: Resolving hostname mdc2.infotechpsp.net.
[30728] 1440335316.417200: Sending initial UDP request to dgram
10.30.160.10:88
[30728] 1440335316.419693: Received answer from dgram 10.30.160.10:88
[30728] 1440335316.420497: Response was not from master KDC
[30728] 1440335316.420525: Received error from KDC: -1765328332/Response
too big for UDP, retry with TCP
[30728] 1440335316.420541: Request or response is too big for UDP; retrying
with TCP
[30728] 1440335316.420552: Sending request (269 bytes) to INFOTECHPSP.NET
(tcp only)
[30728] 1440335316.421353: Resolving hostname mdc2.infotechpsp.net.
[30728] 1440335316.422129: Initiating TCP connection to stream
10.30.160.10:88
[30728] 1440335316.423915: Sending TCP request to stream 10.30.160.10:88
[30728] 1440335316.425538: Received answer from stream 10.30.160.10:88
[30728] 1440335316.426457: Response was not from master KDC
[30728] 1440335316.426505: Processing preauth types: 19
[30728] 1440335316.426523: Selected etype info: etype aes256-cts, salt
"INFOTECHPSP.NETabagheri", params ""
[30728] 1440335316.426536: Produced preauth for next request: (empty)
[30728] 1440335316.426552: AS key determined by preauth: aes256-cts/6EB2
[30728] 1440335316.426641: Decrypted AS reply; session key is:
aes256-cts/3E32
[30728] 1440335316.426649: FAST negotiation: unavailable
[30728] 1440335316.426691: Initializing FILE:/tmp/krb5cc_0 with default
princ [email protected]
[30728] 1440335316.606035: Removing [email protected] -> krbtgt/
[email protected] from FILE:/tmp/krb5cc_0
[30728] 1440335316.606062: Storing [email protected] -> krbtgt/
[email protected] in FILE:/tmp/krb5cc_0

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to