More information:
I ran ntpq> peers to check on the status of time sync. I received a
similar response from each server:
# ntpq
ntpq> peers
remote refid st t when poll reach delay offset
disp
========================================================================
======
*hotcdc1.otc.loc otcbkup1.otc.lo 4 u 61 128 377 0.73 -1.025
11.06
ntpq>
If I'm reading this right, it seems to show sync with the domain
controller hotcdc1.otc.local which is in turn synced to
otcbkup1.otc.local which is the first DC.
What is going on here?
Thanks,
DLE
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of
[email protected]
Sent: Friday, July 23, 2010 11:59 AM
To: [email protected]
Subject: SunRay-Users Digest, Vol 78, Issue 45
Send SunRay-Users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
http://www.filibeto.org/mailman/listinfo/sunray-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of SunRay-Users digest..."
Today's Topics:
1. Re: strange authentication problem (David L. Endicott)
----------------------------------------------------------------------
Message: 1
Date: Fri, 23 Jul 2010 11:54:00 -0500
From: "David L. Endicott" <[email protected]>
To: <[email protected]>
Cc: <[email protected]>
Subject: Re: [SunRay-Users] strange authentication problem
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="us-ascii"
They are solaris x64.
Sent from my iPhone
On Jul 23, 2010, at 11:10 AM, "[email protected]"
<[email protected]> wrote:
> Send SunRay-Users mailing list submissions to
> [email protected]
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://www.filibeto.org/mailman/listinfo/sunray-users
> or, via email, send a message with subject or body 'help' to
> [email protected]
>
> You can reach the person managing the list at
> [email protected]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of SunRay-Users digest..."
>
>
> Today's Topics:
>
> 1. Strange probelm with user authentication (David L. Endicott)
> 2. Re: Strange probelm with user authentication
> (Gustavo Riveros (Provectis))
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 23 Jul 2010 09:08:07 -0500
> From: "David L. Endicott" <[email protected]>
> To: <[email protected]>
> Subject: [SunRay-Users] Strange probelm with user authentication
> Message-ID:
> <[email protected]>
> Content-Type: text/plain; charset="us-ascii"
>
> If anyone can help I would appreciate it. I'm pulling my hair out.
> I am running VDI3.0 on 3 servers with a remote database. I am using
> Kerberos to authenticate to active directory. I recently had to
rebuild
> one of the secondary servers. After I did, I now have the following
> problem:
> Authentication will work great for a while, then will stop. Running
the
> following command on the VDI servers restores function for a while:
> kinit -V [email protected]
>
> I had this same problem about a year ago and the issue turned out to
be
> a typo in the krb5.conf file. Here is a copy of my current file:
>
> [libdefaults]
> default_realm = OTC.LOCAL
> default_checksum = rsa-md5
>
> [realms]
> OTC.LOCAL = {
> kdc = otcdc1.otc.local
> kdc = otcbkup1.otc.local
> }
>
> [domain_realm]
> .otc.local = OTC.LOCAL
> otc.local = OTC.LOCAL
>
> I stepped up the logging levels on cacao and while it is still failing
I
> get the following in the log file when a user tries to login:
>
> Jul 23, 2010 7:29:56 AM com.sun.vda.service.client.ClientRequestWorker
> run
> FINEST: thr#38 Received request from vda-client (127.0.0.1):
> query([email protected], token=user.1271252258-7053)
> Jul 23, 2010 7:29:57 AM ADConnection kerberosLogin
> FINER: thr#38 THROW
> javax.security.auth.login.LoginException:
> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be
> null!
> at
> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
> )
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
> )
> at
>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
> oginModule.java:656)
> at
>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
> 542)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
> a:39)
> at
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
> Impl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
> at
>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> at java.security.AccessController.doPrivileged(Native Method)
> at
>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> at
>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
> 1)
> at
> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
> on.java:174)
> at
>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
> :106)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
> .java:119)
> at
>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
> y.java:282)
> at
>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
> 288)
> at
>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:135)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:121)
> at
>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
> at
>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
> er.java:119)
> at
>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
> ava:74)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
> r.java:650)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:675)
> at java.lang.Thread.run(Thread.java:595)
>
> at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
> at
>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> at java.security.AccessController.doPrivileged(Native Method)
> at
>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> at
>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
> 1)
> at
> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
> on.java:174)
> at
>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
> :106)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
> .java:119)
> at
>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
> y.java:282)
> at
>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
> 288)
> at
>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:135)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:121)
> at
>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
> at
>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
> er.java:119)
> at
>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
> ava:74)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
> r.java:650)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:675)
> at java.lang.Thread.run(Thread.java:595)
> Jul 23, 2010 7:29:57 AM UserDirConnection getConnection
> FINER: thr#38 THROW
> javax.naming.AuthenticationException:
> javax.security.auth.login.LoginException:
> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be
> null!
> at
> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
> )
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
> )
> at
>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
> oginModule.java:656)
> at
>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
> 542)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
> a:39)
> at
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
> Impl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
> at
>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> at java.security.AccessController.doPrivileged(Native Method)
> at
>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> at
>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
> 1)
> at
> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
> on.java:174)
> at
>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
> :106)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
> .java:119)
> at
>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
> y.java:282)
> at
>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
> 288)
> at
>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:135)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:121)
> at
>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
> at
>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
> er.java:119)
> at
>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
> ava:74)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
> r.java:650)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:675)
> at java.lang.Thread.run(Thread.java:595)
>
> at
>
com.sun.vda.service.ldap.ADConnection.processException(ADConnection.java
> :392)
> at
>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
> 3)
> at
> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
> on.java:174)
> at
>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
> :106)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
> .java:119)
> at
>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
> y.java:282)
> at
>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
> 288)
> at
>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:135)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:121)
> at
>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
> at
>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
> er.java:119)
> at
>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
> ava:74)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
> r.java:650)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:675)
> at java.lang.Thread.run(Thread.java:595)
> Jul 23, 2010 7:29:57 AM com.sun.vda.service.client.ClientRequestWorker
> run
> WARNING: thr#38 Failed executing vda-client request:
> query([email protected], token=user.1271252258-7053):
> javax.naming.AuthenticationException:
> javax.security.auth.login.LoginException:
> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be
> null!
> at
> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
> )
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
> )
> at
>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
> oginModule.java:656)
> at
>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
> 542)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
> a:39)
> at
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
> Impl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
> at
>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> at java.security.AccessController.doPrivileged(Native Method)
> at
>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> at
>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
> 1)
> at
> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
> on.java:174)
> at
>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
> :106)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
> .java:119)
> at
>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
> y.java:282)
> at
>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
> 288)
> at
>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:135)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:121)
> at
>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
> at
>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
> er.java:119)
> at
>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
> ava:74)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
> r.java:650)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:675)
> at java.lang.Thread.run(Thread.java:595)
>
> Jul 23, 2010 7:29:57 AM com.sun.vda.service.client.ClientRequestWorker
> run
> FINEST: thr#38 Sent response to vda-client:
> errorjavax.naming.AuthenticationException:
> javax.security.auth.login.LoginException:
> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be
> null!
> at
> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
> )
> at
>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
> )
> at
>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
> oginModule.java:656)
> at
>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
> 542)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
> a:39)
> at
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
> Impl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
> at
>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> at java.security.AccessController.doPrivileged(Native Method)
> at
>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> at
>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
> 1)
> at
> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
> on.java:174)
> at
>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
> :106)
> at
>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
> .java:119)
> at
>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
> y.java:282)
> at
>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
> 288)
> at
>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:135)
> at
>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
> a:121)
> at
>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
> at
>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
> er.java:119)
> at
>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
> ava:74)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
> r.java:650)
> at
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:675)
> at java.lang.Thread.run(Thread.java:595)
>
> I read a document that said this could be caused by time sync issues.
I
> am running the network/ntp service on each server and have the
following
> in the ntp.conf file:
>
> server hotcdc1.otc.local
>
> Which should sync it to the domain controller. The error log seems to
> show a successful sync.
>
> Running the kinit command fixes it for a while. What is going on
here?
>
> Thanks,
> DLE
>
> David L. Endicott
> President
> NeoTech Solutions, Inc.
> [email protected]
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 23 Jul 2010 12:05:29 -0400
> From: "Gustavo Riveros (Provectis)" <[email protected]>
> To: SunRay-Users mailing list <[email protected]>
> Subject: Re: [SunRay-Users] Strange probelm with user authentication
> Message-ID:
> <[email protected]>
> Content-Type: text/plain; charset="iso-8859-1"
>
> The servers are Solaris or Linux?
>
> GRE
>
> On Fri, Jul 23, 2010 at 10:08 AM, David L. Endicott <
> [email protected]> wrote:
>
>> If anyone can help I would appreciate it. I'm pulling my hair out.
>> I am running VDI3.0 on 3 servers with a remote database. I am using
>> Kerberos to authenticate to active directory. I recently had to
rebuild
>> one of the secondary servers. After I did, I now have the following
>> problem:
>> Authentication will work great for a while, then will stop. Running
the
>> following command on the VDI servers restores function for a while:
>> kinit -V [email protected]
>>
>> I had this same problem about a year ago and the issue turned out to
be
>> a typo in the krb5.conf file. Here is a copy of my current file:
>>
>> [libdefaults]
>> default_realm = OTC.LOCAL
>> default_checksum = rsa-md5
>>
>> [realms]
>> OTC.LOCAL = {
>> kdc = otcdc1.otc.local
>> kdc = otcbkup1.otc.local
>> }
>>
>> [domain_realm]
>> .otc.local = OTC.LOCAL
>> otc.local = OTC.LOCAL
>>
>> I stepped up the logging levels on cacao and while it is still
failing I
>> get the following in the log file when a user tries to login:
>>
>> Jul 23, 2010 7:29:56 AM
com.sun.vda.service.client.ClientRequestWorker
>> run
>> FINEST: thr#38 Received request from vda-client (127.0.0.1):
>> query([email protected], token=user.1271252258-7053)
>> Jul 23, 2010 7:29:57 AM ADConnection kerberosLogin
>> FINER: thr#38 THROW
>> javax.security.auth.login.LoginException:
>> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot
be
>> null!
>> at
>> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
>> )
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
>> )
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
>> oginModule.java:656)
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
>> 542)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
>> a:39)
>> at
>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
>> Impl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:585)
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>> at
>>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
>> 1)
>> at
>> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
>> on.java:174)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
>> :106)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
>> .java:119)
>> at
>>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
>> y.java:282)
>> at
>>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
>> 288)
>> at
>>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:135)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:121)
>> at
>>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
>> er.java:119)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
>> ava:74)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
>> r.java:650)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
>> va:675)
>> at java.lang.Thread.run(Thread.java:595)
>>
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
>> at
>>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
>> 1)
>> at
>> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
>> on.java:174)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
>> :106)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
>> .java:119)
>> at
>>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
>> y.java:282)
>> at
>>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
>> 288)
>> at
>>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:135)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:121)
>> at
>>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
>> er.java:119)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
>> ava:74)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
>> r.java:650)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
>> va:675)
>> at java.lang.Thread.run(Thread.java:595)
>> Jul 23, 2010 7:29:57 AM UserDirConnection getConnection
>> FINER: thr#38 THROW
>> javax.naming.AuthenticationException:
>> javax.security.auth.login.LoginException:
>> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot
be
>> null!
>> at
>> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
>> )
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
>> )
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
>> oginModule.java:656)
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
>> 542)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
>> a:39)
>> at
>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
>> Impl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:585)
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>> at
>>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
>> 1)
>> at
>> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
>> on.java:174)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
>> :106)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
>> .java:119)
>> at
>>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
>> y.java:282)
>> at
>>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
>> 288)
>> at
>>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:135)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:121)
>> at
>>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
>> er.java:119)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
>> ava:74)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
>> r.java:650)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
>> va:675)
>> at java.lang.Thread.run(Thread.java:595)
>>
>> at
>>
com.sun.vda.service.ldap.ADConnection.processException(ADConnection.java
>> :392)
>> at
>>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
>> 3)
>> at
>> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
>> on.java:174)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
>> :106)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
>> .java:119)
>> at
>>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
>> y.java:282)
>> at
>>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
>> 288)
>> at
>>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:135)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:121)
>> at
>>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
>> er.java:119)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
>> ava:74)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
>> r.java:650)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
>> va:675)
>> at java.lang.Thread.run(Thread.java:595)
>> Jul 23, 2010 7:29:57 AM
com.sun.vda.service.client.ClientRequestWorker
>> run
>> WARNING: thr#38 Failed executing vda-client request:
>> query([email protected], token=user.1271252258-7053):
>> javax.naming.AuthenticationException:
>> javax.security.auth.login.LoginException:
>> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot
be
>> null!
>> at
>> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
>> )
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
>> )
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
>> oginModule.java:656)
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
>> 542)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
>> a:39)
>> at
>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
>> Impl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:585)
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>> at
>>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
>> 1)
>> at
>> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
>> on.java:174)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
>> :106)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
>> .java:119)
>> at
>>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
>> y.java:282)
>> at
>>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
>> 288)
>> at
>>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:135)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:121)
>> at
>>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
>> er.java:119)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
>> ava:74)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
>> r.java:650)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
>> va:675)
>> at java.lang.Thread.run(Thread.java:595)
>>
>> Jul 23, 2010 7:29:57 AM
com.sun.vda.service.client.ClientRequestWorker
>> run
>> FINEST: thr#38 Sent response to vda-client:
>> errorjavax.naming.AuthenticationException:
>> javax.security.auth.login.LoginException:
>> java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot
be
>> null!
>> at
>> sun.security.krb5.EncryptionKey.<init>(EncryptionKey.java:212)
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:190
>> )
>> at
>>
sun.security.krb5.EncryptionKey.acquireSecretKeys(EncryptionKey.java:158
>> )
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5L
>> oginModule.java:656)
>> at
>>
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:
>> 542)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
>> a:39)
>> at
>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
>> Impl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:585)
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>> at
>>
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
com.sun.vda.service.ldap.ADConnection.kerberosLogin(ADConnection.java:15
>> 1)
>> at
>> com.sun.vda.service.ldap.ADConnection.bind(ADConnection.java:124)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getConnection(UserDirConnecti
>> on.java:174)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.<init>(UserDirConnection.java
>> :106)
>> at
>>
com.sun.vda.service.ldap.UserDirConnection.getInstance(UserDirConnection
>> .java:119)
>> at
>>
com.sun.vda.service.core.UserDirectory.getUserDirConnection(UserDirector
>> y.java:282)
>> at
>>
com.sun.vda.service.core.UserDirectory.getConnection(UserDirectory.java:
>> 288)
>> at
>>
com.sun.vda.service.core.UserDirectory.getBaseDn(UserDirectory.java:292)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:135)
>> at
>>
com.sun.vda.service.core.UserDirectory.getDnFromUserId(UserDirectory.jav
>> a:121)
>> at
>>
com.sun.vda.service.client.QueryDesktops.execute(QueryDesktops.java:67)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.execute(ClientRequestWork
>> er.java:119)
>> at
>>
com.sun.vda.service.client.ClientRequestWorker.run(ClientRequestWorker.j
>> ava:74)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecuto
>> r.java:650)
>> at
>>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
>> va:675)
>> at java.lang.Thread.run(Thread.java:595)
>>
>> I read a document that said this could be caused by time sync issues.
I
>> am running the network/ntp service on each server and have the
following
>> in the ntp.conf file:
>>
>> server hotcdc1.otc.local
>>
>> Which should sync it to the domain controller. The error log seems
to
>> show a successful sync.
>>
>> Running the kinit command fixes it for a while. What is going on
here?
>>
>> Thanks,
>> DLE
>>
>> David L. Endicott
>> President
>> NeoTech Solutions, Inc.
>> [email protected]
>>
>> _______________________________________________
>> SunRay-Users mailing list
>> [email protected]
>> http://www.filibeto.org/mailman/listinfo/sunray-users
>>
>>
>
>
> --
> Gustavo Riveros
> Consultor TI | Provectis S.A.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
<http://www.filibeto.org/pipermail/sunray-users/attachments/20100723/0eb
cd378/attachment.html>
>
> ------------------------------
>
> _______________________________________________
> SunRay-Users mailing list
> [email protected]
> http://www.filibeto.org/mailman/listinfo/sunray-users
>
>
> End of SunRay-Users Digest, Vol 78, Issue 42
> ********************************************
>
------------------------------
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
End of SunRay-Users Digest, Vol 78, Issue 45
********************************************
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
