Learn more about these different git repos.
Other Git URLs
I installed IPA replica. I have a master.ipa.pb and replica.ipa.pb servers. I lowered the priority of replace.ipa.pb in SRV records so it is always picked as second. When I stop kdc on master.ipa.pb I get this result:
Failover for ldap_child GSSAPI works. But failover doesn't work for krb5_child.
If krb5_child can't contact kdc: (Thu May 18 13:23:17 2017) [[sssd[krb5_child[125945]]]] [get_and_save_tgt_with_keytab] (0x0020): 1459: [-1765328228][Cannot contact any KDC for requested realm]
We bubble up with ERR_CREDS_EXPIRED
Which result with terminating the child without sending a reply kerr = privileged_krb5_setup(kr, offline); if (kerr != 0) { DEBUG(SSSDBG_CRIT_FAILURE, "privileged_krb5_setup failed.\n"); ret = EFAULT; goto done; }
And we are unable to parse response in provider (Thu May 18 13:23:17 2017) [sssd[be[IPA.PB]]] [krb5_auth_queue_done] (0x0040): krb5_auth_recv failed with: 22 (Thu May 18 13:23:17 2017) [sssd[be[IPA.PB]]] [ipa_pam_auth_handler_krb5_done] (0x0040): KRB5 auth failed [22]: Invalid argument
And we finish without failover
ret = parse_krb5_child_response(state, buf, len, pd, state->be_ctx->domain->pwd_expiration_warning, &res); if (ret) { DEBUG(SSSDBG_OP_FAILURE, "Could not parse child response [%d]: %s\n", ret, strerror(ret)); goto done; }
Metadata Update from @jhrozek: - Issue priority set to: blocker - Issue set to the milestone: SSSD 1.16.0
Metadata Update from @jhrozek: - Issue tagged with: bug
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1422618
Issue linked to Bugzilla: Bug 1422618
Since we are required to release a new upstream tarball no later than Friday Oct-20, I'm moving tickets that will not be closed by that date to the next milestone, 1.16.1
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.1 (was: SSSD 1.16.0)
Metadata Update from @jhrozek: - Issue tagged with: postpone-to-1-16-2
Metadata Update from @jhrozek: - Issue priority set to: major (was: blocker)
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.2 (was: SSSD 1.16.1)
Metadata Update from @jhrozek: - Issue untagged with: postpone-to-1-16-2
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.3 (was: SSSD 1.16.2)
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.4 (was: SSSD 1.16.3)
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 2.2 (was: SSSD 1.16.4)
This was actually fixed by https://pagure.io/SSSD/sssd/issue/3973, closing as duplicate.
Metadata Update from @pbrezina: - Issue close_status updated to: duplicate - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4428
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.