NethServer Version: 7.6.1810
Module: ldap
All of my users are getting “denied access”
With Nethserver I see the following error:
LDAP client internal error (AccountProvider_Error_82)
When I search this the most common answer is restart nscd but that service is not included with my version of Nethserver. I need help.
Thanks.
Are all necessary services running?
I see 7.6.1810, was the server updated recently?
When it was rebooted the last time?
How long ago did latest backup run?
Yes, all services are running. I did try restarting SMB and SSSD.
I did update the server when I began experiencing issues but otherwise no. It had been restarted approximately 3 weeks ago. Data is backed up nightly and the VM image weekly.
I rolled back to the backup of the VM image and it is now working again. The issue with LDAP remains so it is probably unrelated to whatever transpired.
If I could fix that, though, I also see this error in the logs:
“Realm not local to KDC. Unable to create GSSAPI-encrypted LDAP connection”
And:
“S30nethserver-sssd-initkeytabs #4 (exit status 1280)”
I wanted to update this as the same problem recurred after, again, installing an update. This time, however, even after rolling back to the snapshot, I encountered the same problem. I decided to stick with the updated version and struggle through my issues which worsened. We have two AD servers (we’re migrating all from an old one to a new one). I mention this because even though the server joins the legacy ADS, when I tried to join it would authenticate to the replacement ADS. This was frustrating and sent me on a long goose chase.
After too many hours the solution was quite simple. I performed an unbind, deleted the computer from each ADS, joined again and all problems were solved including a few issues I had been ignoring so long as everything was working.
Lesson learned: Stick with Occam’s Razor.