Hi, What OS is this on? I would like to try and reproduce the issue on my side.
Striker On 03/18/2016 02:31 PM, [email protected] wrote: > I am joining a machine to a domain via Realmd and then filling out the SSSD > config with a few more directives such as setting dyndns_update = false. > Every once in a while, I'm finding that SSSD is using the old configuration > even after restarting the service or starting it interactively. > > Sanitized config: > [root@host]# cat /etc/sssd/sssd.conf > [domain/<domain.com>] > access_provider = simple > ad_domain = <domain.com> > ad_hostname = <host.domain.com> > cache_credentials = true > debug_level = 6 > default_shell = /bin/bash > dyndns_update = false > fallback_homedir = /home/%u > id_provider = ad > krb5_realm = <DOMAIN.COM> > krb5_store_password_if_offline = true > ldap_id_mapping = true > realmd_tags = manages-system joined-with-adcli > simple_allow_groups = <group> > use_fully_qualified_names = false > > [sssd] > config_file_version = 2 > domains = <domain.com> > services = nss,pam > > If I restart the service, all logs are blank under /var/log/sssd/* so it is > not picking up the debug level in the config and I also have trouble logging > in. > If I start the service interactively: > [root@host]# sssd -d 6 -i > ...snip... > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [ad_failover_init] > (0x0100): No primary servers defined, using service discovery > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [fo_add_srv_server] > (0x0400): Adding new SRV server to service 'AD_GC' using 'tcp'. > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [fo_add_srv_server] > (0x0400): Adding new SRV server to service 'AD' using 'tcp'. > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [_ad_servers_init] > (0x0100): Added service discovery for AD > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_update is TRUE > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_refresh_interval has value 86400 > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_iface has no value > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_ttl has value 3600 > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_update_ptr is TRUE > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_force_tcp is FALSE > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_auth has value gss-tsig > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_server has no value > ...snip... > > It clearly sees dyndns_update as TRUE even though its set to false in the > config. It remains stuck in this state until i remove > /var/lib/sss/db/config.ldb and restart the service, after which everything is > fine. > > Is there any way for me to dig into why the config.ldb file would not be > refreshed after config changes and service restart? > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/admin/lists/[email protected] _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
