Hi I am migrating to freeipa from openldap and have around 4000 clients
I had openned a another thread on that, but chose to start a new one here as its a separate issue I was able to change the nssslapd-maxdescriptors adding an ldif file cat nsslapd-modify.ldif dn: cn=config changetype: modify replace: nsslapd-maxdescriptors nsslapd-maxdescriptors: 17000 and running the ldapmodify command I have now started moving clients running an openldap to Freeipa and have today moved close to 2000 clients However, I have noticed that IPA hangs intermittently. running a kinit admin returns the below error kinit: Generic error (see e-text) while getting initial credentials from the /var/log/messages, I see this entry prod-ipa-master-int kernel: [104090.315801] TCP: request_sock_TCP: Possible SYN flooding on port 88. Sending cookies. Check SNMP counters. Aug 18 13:00:01 prod-ipa-master-int systemd[1]: Started Session 4885 of user root. Aug 18 13:00:01 prod-ipa-master-int systemd[1]: Starting Session 4885 of user root. Aug 18 13:01:01 prod-ipa-master-int systemd[1]: Started Session 4886 of user root. Aug 18 13:01:01 prod-ipa-master-int systemd[1]: Starting Session 4886 of user root. Aug 18 13:02:40 prod-ipa-master-int python[28984]: ansible-command Invoked with creates=None executable=None shell=True args= removes=None warn=True chdir=None Aug 18 13:04:37 prod-ipa-master-int sssd_be: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (KDC returned error string: PROCESS_TGS) Could it be possible that its due to the initial load of adding the clients or is there something else that I need to take care of. Thanks, Rakesh
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
