This is on a RHEL 7.2 box On Fri, Mar 18, 2016 at 3:32 PM, Striker Leggette <[email protected]> wrote:
> Hi, > > What OS is this on? I would like to try and reproduce the issue on my > side. > > Striker > > On 03/18/2016 02:31 PM, [email protected] wrote: > > I am joining a machine to a domain via Realmd and then filling out the > SSSD config with a few more directives such as setting dyndns_update = > false. Every once in a while, I'm finding that SSSD is using the old > configuration even after restarting the service or starting it > interactively. > > > > Sanitized config: > > [root@host]# cat /etc/sssd/sssd.conf > > [domain/<domain.com>] > > access_provider = simple > > ad_domain = <domain.com> > > ad_hostname = <host.domain.com> > > cache_credentials = true > > debug_level = 6 > > default_shell = /bin/bash > > dyndns_update = false > > fallback_homedir = /home/%u > > id_provider = ad > > krb5_realm = <DOMAIN.COM> > > krb5_store_password_if_offline = true > > ldap_id_mapping = true > > realmd_tags = manages-system joined-with-adcli > > simple_allow_groups = <group> > > use_fully_qualified_names = false > > > > [sssd] > > config_file_version = 2 > > domains = <domain.com> > > services = nss,pam > > > > If I restart the service, all logs are blank under /var/log/sssd/* so it > is not picking up the debug level in the config and I also have trouble > logging in. > > If I start the service interactively: > > [root@host]# sssd -d 6 -i > > ...snip... > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [ad_failover_init] > (0x0100): No primary servers defined, using service discovery > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [fo_add_srv_server] > (0x0400): Adding new SRV server to service 'AD_GC' using 'tcp'. > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [fo_add_srv_server] > (0x0400): Adding new SRV server to service 'AD' using 'tcp'. > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [_ad_servers_init] > (0x0100): Added service discovery for AD > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_update is TRUE > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_refresh_interval has value 86400 > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_iface has no value > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_ttl has value 3600 > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_update_ptr is TRUE > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_force_tcp is FALSE > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_auth has value gss-tsig > > (Fri Mar 18 14:23:58 2016) [sssd[be[<domain.com>]]] [dp_get_options] > (0x0400): Option dyndns_server has no value > > ...snip... > > > > It clearly sees dyndns_update as TRUE even though its set to false in > the config. It remains stuck in this state until i remove > /var/lib/sss/db/config.ldb and restart the service, after which everything > is fine. > > > > Is there any way for me to dig into why the config.ldb file would not be > refreshed after config changes and service restart? > > _______________________________________________ > > sssd-users mailing list > > [email protected] > > > https://lists.fedorahosted.org/admin/lists/[email protected] > _______________________________________________ > sssd-users mailing list > [email protected] > > https://lists.fedorahosted.org/admin/lists/[email protected] > -- Chadwick Banning
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
