On Tue, Feb 02, 2016 at 04:59:37PM -0800, Terence Kent wrote:
> We’ve been using SSSD with FreeIPA very successfully for a while now - we
> love it. Recently, we’ve noticed that all our linux hosts (All Ubuntu 14.04)
> log the following message pretty regularly (several dozen times per day):
> "Failed to initialize credentials using keytab [default]: Generic error (see
> e-text). Unable to create GSSAPI-encrypted LDAP connection.”
> Now, outside of this message, we have no symptoms that things aren’t
> functioning properly. SSSD is properly recognizing changes whenever we update
> our FreeIPA server.
> Can anyone point us in the right direction on how to fix this issue? So far,
> we’ve done the following:
> 1. Verified the /etc/krb5.keytab seems to be fine (and it does).
with kinit -k, right?
> 2. Verified that changes to our FreeIPA servers properly get replicated to
> the clients.
strange, I would have thought that this would cause the client to go
offline. Can you send the complete logs? Ideally ldap_child.log and
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project