Thank you @dnutan @Andy_Wismer
I research a little more and found…
About that GPO message
- Every time Proxmox does a backup of the NS/AD server that message occurs (each hour *1)
Then, running in PS the command I see this GPO that I don’t remember that I use (ever) Hotspot off:
The information in the links gives me a little more peace of mind:
…no need to worry, this is a non-critical error and can easily be fixed. Reason that is happening is that your AD contains a GPO which has not been fully configured for SSSD to be able to read.
First, try to resolve the error from within Active Directory by checking the listed GPO contains the following readable attributes: …
*1) It seems that it was a coincidence about the backups; checking the schedule, the backups are done every 2 hours and not every hour. After the restart, the message did not come out; but it happened before and later resurfaced, it is just a matter of waiting.
2) The message still appears, so I added the configuration option
ad_gpo_ignore_unreadable = True in
/etc/sssd/sssd.conf after backing it up; I’ll restart the server tonight and I’ll keep an eye on it for a few days. I don
t dare to delete the cache as the post indicates: systemctl stop sssd && rm -f /var/lib/sss/db* && systemctl start sssd`
(Not related, I hope) Another 2 problems that I detected while reviewing the above
I think that this need to be another post; I leave here for now just to extract the info later.
A. From a terminal I ran the commands
Jobs: 1 queued
Failed: 1 units
Since: Mon 2023-07-24 08:10:01 MST; 1 weeks 1 days ago
- systemctl --failed
And I found that an error (degraded); about OpenVPN which I am not using
And it still shows as degraded after a restart.
I already checked and I don’t have this service installed or activated; I don’t understand why it shows it as Loaded.
B. Zabbix server not running, I started seeing this message about a week ago, which I ignored because of other problems;
I tried to start it manually from the services without success.
For now I disabled “zabbix-agent” and “zabbix-server”; “zabbix-agent2” was disabled
I suspect I inadvertently damaged Zabbix by trying to update it (without understanding the correct process to do it).
Will it be possible to correct Zabbix without losing everything configured?
Maybe it’s time to restore a backup from about 2 or 3 weeks ago to see if the problem persists, I already protected the backups from a month ago in Proxmox Backup Server, to have a chance to restore them.