On Sun, Mar 05, 2017 at 02:59:39PM -0500, William Muriithi wrote:
> Jakub,
> 
> >>
> >> It does look though like kerberos is not affected as all systems can
> >> authenticate fine, so looks like its autofs issue alone
> >>
> >> This is the error I am noticing on the logs.
> >>
> >> Mar  2 14:18:29 platinum automount[2887]: key "brad" not found in map 
> >> source(s).
> >> Mar  2 14:19:18 platinum automount[2887]: bind_ldap_simple:
> >> lookup(ldap): Unable to bind to the LDAP server: (default), error
> >> Can't contact LDAP server
> >> Mar  2 14:19:21 platinum automount[2887]: bind_ldap_simple:
> >> lookup(ldap): Unable to bind to the LDAP server: (default), error
> >> Can't contact LDAP server
> >
> > I guess /etc/nsswitch.conf uses ldap for automount and not sssd?
> >
> Actually no.  We are using SSSD
> 
> Just checked to confirm and looks like below:
> 
> services:   files sss
> netgroup:   files sss
> publickey:  nisplus
> automount: sss files
> aliases:    files nisplus
> sudoers: files sss

Then I suspect automounter used to use the ldap module and then was
not restarted after nsswitch.conf was set to include sss. Because the
error messages like include error messages directly from libldap and I
wouldn't expect to see those with sssd..

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to