On Tue, Feb 02, 2016 at 04:59:37PM -0800, Terence Kent wrote:
> Hello,
> We’ve been using SSSD with FreeIPA very successfully for a while now - we 
> love it. Recently, we’ve noticed that all our linux hosts (All Ubuntu 14.04) 
> log the following message pretty regularly (several dozen times per day):
> "Failed to initialize credentials using keytab [default]: Generic error (see 
> e-text). Unable to create GSSAPI-encrypted LDAP connection.”
> Now, outside of this message, we have no symptoms that things aren’t 
> functioning properly. SSSD is properly recognizing changes whenever we update 
> our FreeIPA server. 
> Can anyone point us in the right direction on how to fix this issue? So far, 
> we’ve done the following:
> 1. Verified the /etc/krb5.keytab seems to be fine (and it does).

with kinit -k, right?

> 2. Verified that changes to our FreeIPA servers properly get replicated to 
> the clients.

strange, I would have thought that this would cause the client to go
offline. Can you send the complete logs? Ideally ldap_child.log and

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to