NethServer Version: 7.5
Module: LADP Client
Hi, getting the above error on the Users page and not seeing any users listed.
Everything else seems ok.
Where should I start to diagnose the problem from? Still quite new to Nethserver.
Thanks
John
NethServer Version: 7.5
Module: LADP Client
Hi, getting the above error on the Users page and not seeing any users listed.
Everything else seems ok.
Where should I start to diagnose the problem from? Still quite new to Nethserver.
Thanks
John
Seeing this in the LDAP Child logs
(Mon Jul 9 08:30:48 2018) [[sssd[ldap_child[8743]]]] [ldap_child_get_tgt_sync] (0x0010): Failed to init credentials: Cannot contact any KDC for realm ‘**********.CO.UK’ (Mon Jul 9 08:30:48 2018) [[sssd[ldap_child[8746]]]] [ldap_child_get_tgt_sync] (0x0010): Failed to init credentials: Cannot contact any KDC for realm ‘**********.CO.UK’ (Mon Jul 9 08:32:06 2018) [[sssd[ldap_child[8859]]]] [ldap_child_get_tgt_sync] (0x0010): Failed to init credentials: Cannot contact any KDC for realm ‘**********.CO.UK’ (Mon Jul 9 08:32:06 2018) [[sssd[ldap_child[8864]]]] [ldap_child_get_tgt_sync] (0x0010): Failed to init credentials: Cannot contact any KDC for realm ‘**********.CO.UK’
Hi John,
did you shorten it or may this be the error? Usually NS samba domain names are like AD.DOMAIN.TLD.
Please post the output of the following commands to check the config:
config show sssd
config show dns
config show nsdc
cat /etc/hosts
cat /etc/krb5.conf
Another method is to just uninstall and reinstall the account provider. If it’s a test machine, that’s the way to go.
There are some other threads about this topic:
https://community.nethserver.org/search?q=Cannot%20contact%20any%20KDC%20for%20realm
https://community.nethserver.org/search?q=account%20provider%20error%2082
No I shortened the log entries. It is in the form ad.domain.tld in the logs.
No this is my live server at home so can’t reinstall.
Will run the commands and post back shortly.
config show sssd
sssd=service
AdDns=192.168.1.4
BindDN=ldapservice@AD.***.CO.UK
BindPassword=***
DiscoverDcType=dns
LdapURI=
Provider=ad
Realm=AD.***.CO.UK
Workgroup=***
status=enabled
config show dns
NameServers=208.67.222.222,208.67.220.220
config show nsdc
nsdc=service
IpAddress=192.168.1.4
ProvisionType=newdomain
bridge=br0
status=enabled
#
# 10localhost
#
127.0.0.1 localhost localhost.localdomain
#
# 20hostname(s)
#
192.168.1.3 remote.***.co.uk remote remote.ad.***.co.uk
#
# 30hosts_remote
#
192.168.1.2 esxi.***.co.uk esxi
#
# 40hosts_local
#
# Configuration snippets may be placed in this directory as well
includedir /etc/krb5.conf.d/
includedir /var/lib/sss/pubconf/krb5.include.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_ccache_name = KEYRING:persistent:%{uid}
default_realm = AD.***.CO.UK
[realms]
AD.***.CO.UK = {
}
[domain_realm]
ad.***.co.uk = AD.***.CO.UK
.ad.***.co.uk = AD.***.CO.UK
Solved it by simply restarting the NSDC service…
Glad it works again. Please mark your solution, so other people will find the solution easily:
for me too as mentioned: