Samba is not working (SSSD accountsprovider error)

local
activedirectory

(Hector Perez) #1

NethServer 7.5 RC1. (Updated from 7.4).

The samba server was working all right but it doesn’t work it said there is an error SSSD1 But I can’t catch the screen.

I reboot the server, restarts the process but it keeps not working.

/var/log/samba/log.smbd

[2018/06/05 14:22:01.123273, 0] …/lib/util/become_daemon.c:124(daemon_ready)
STATUS=daemon ‘smbd’ finished starting up and ready to serve connections
[2018/06/05 14:22:13.145615, 0] …/source3/printing/nt_printing.c:187(nt_printing_init)
nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
[2018/06/05 15:46:17.561916, 0] …/lib/util/become_daemon.c:124(daemon_ready)
STATUS=daemon ‘smbd’ finished starting up and ready to serve connections
[2018/06/05 15:46:29.615680, 0] …/source3/printing/nt_printing.c:187(nt_printing_init)
nt_printing_init: error checking published printers: WERR_ACCESS_DENIED

Don’t know what to do.


SSSD code 1: could not resolve domain of Active Directory
(Hector Perez) #2

Here is the error.

I’m using Samba LDAP.

Could not connect to accounts provider!!!


(Davide Principi) #3

Please attach the output of the following commands on gist.github.com (or similar service)

account-provider-test dump
journalctl  -M nsdc

(Hector Perez) #4

Here is the dump file.


(Davide Principi) #5

The journal is really long and appears truncated!

Could you attach also

 systemctl status -M nsdc samba
 systemctl status nsdc

Another useful test sometimes is

yum install -y nmap
nmap $(config getprop nsdc IpAddress)

@fasttech could be interested too… (Welcome back dear!) NethServer 7.5 RC1 released


(Hector Perez) #6

The service is running, but can’t authenticate.


(Davide Principi) #7

Ok, the nmap command output says if all samba sub-processes are running correctly. Here’s the expected output:

$ nmap nsdc
Starting Nmap 7.60 ( https://nmap.org ) at 2018-06-07 09:19 CEST
Nmap scan report for nsdc (XXXXXXXXXXXXXX)
Host is up (0.00015s latency).
rDNS record for XXXXXXXXXXXXXX
Not shown: 987 closed ports
PORT      STATE SERVICE
53/tcp    open  domain
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
636/tcp   open  ldapssl
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown

Under some conditions related to upstream updates the kerberos-sec and kpasswd5 are missing and authentication stops working. Please check your.

Can you see the accounts list under “Users and groups” page?

This command should fail and show the error you see in the UI

/usr/libexec/nethserver/list-users administrator

Could you check also your DNS/SSSD/Kerberos config

config show dns
config show sssd
config show nsdc
systemctl status dnsmasq
systemctl status sssd
cat /etc/krb5.conf

(Hector Perez) #8

Nope, is not working…

Nmap output:

[root@nethserver ~]# nmap nsdc

Starting Nmap 6.40 ( http://nmap.org ) at 2018-06-07 09:13 -05
Failed to resolve "nsdc".
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 10.06 seconds

config show dns

[root@nethserver ~]# config show dns
dns=configuration
    NameServers=192.168.3.1

config show sssd

[root@nethserver ~]# config show sssd
sssd=service
    AdDns=192.168.3.201
    BindDN=ldapservice@AD.INFO2.UNICENTROBOGOTA.COM
    BindPassword=rZ_xNJ8FDFDnsi7y
    LdapURI=
    Provider=ad
    Realm=AD.INFO2.UNICENTROBOGOTA.COM
    Workgroup=UCB
    status=enabled

config show nsdc

[root@nethserver ~]# config show nsdc
nsdc=service
    IpAddress=192.168.3.201
    ProvisionType=newdomain
    bridge=br0
    status=enabled

systemctl status dnsmasq

[root@nethserver ~]# systemctl status dnsmasq
● dnsmasq.service - DNS caching server.
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/dnsmasq.service.d
           └─ipset.conf
   Active: active (running) since Tue 2018-06-05 14:21:47 -05; 1 day 18h ago
  Process: 1713 ExecStartPre=/etc/e-smith/events/actions/nethserver-squid-ipset (code=exited, status=0/SUCCESS)
 Main PID: 2128 (dnsmasq)
    Tasks: 1
   CGroup: /system.slice/dnsmasq.service
           └─2128 /usr/sbin/dnsmasq -k

Jun 05 14:21:47 nethserver.info2.unicentrobogota.com systemd[1]: Started DNS ...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: started, ...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: compile t...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq-tftp[2128]: TFTP...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: using nam...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: using nam...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: using nam...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: using nam...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: using nam...
Jun 05 14:21:48 nethserver.info2.unicentrobogota.com dnsmasq[2128]: read /etc...
Hint: Some lines were ellipsized, use -l to show in full.

systemctl status sssd

[root@nethserver ~]# systemctl status sssd
● sssd.service - System Security Services Daemon
   Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2018-06-05 14:21:53 -05; 1 day 18h ago
 Main PID: 2145 (sssd)
    Tasks: 4
   CGroup: /system.slice/sssd.service
           ├─2145 /usr/sbin/sssd -i --logger=files
           ├─2817 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files
           ├─2818 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files
           └─6259 /usr/libexec/sssd/sssd_be --domain info2.unicentrobogota.co...

Jun 05 14:38:01 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:38:01 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:38:01 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:52:50 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:52:50 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:53:15 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:53:35 nethserver.info2.unicentrobogota.com sssd_be[2679]: GSSAPI cl...
Jun 05 14:53:35 nethserver.info2.unicentrobogota.com sssd[be[info2.unicentrobogota.com]][2679]: ...
Jun 05 14:53:35 nethserver.info2.unicentrobogota.com sssd[be[info2.unicentrobogota.com]][6259]: ...
Jun 05 14:54:47 nethserver.info2.unicentrobogota.com sssd[be[info2.unicentrobogota.com]][6259]: ...
Hint: Some lines were ellipsized, use -l to show in full.

cat /etc/krb5.conf

[root@nethserver ~]# cat /etc/krb5.conf
# Configuration snippets may be placed in this directory as well
includedir /etc/krb5.conf.d/

includedir /var/lib/sss/pubconf/krb5.include.d/
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 dns_lookup_realm = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true
 rdns = false
 default_ccache_name = KEYRING:persistent:%{uid}

 default_realm = AD.INFO2.UNICENTROBOGOTA.COM
[realms]
 AD.INFO2.UNICENTROBOGOTA.COM = {
 }

[domain_realm]
 ad.info2.unicentrobogota.com = AD.INFO2.UNICENTROBOGOTA.COM
 .ad.info2.unicentrobogota.com = AD.INFO2.UNICENTROBOGOTA.COM

->¿Do i prepare myself to format?


(Davide Principi) #9

Please provide missing info

In your case it is

nmap 192.168.3.201

(Hector Perez) #10
[root@nethserver ~]# /usr/libexec/nethserver/list-users administrator
Could not resolve domain ad.info2.unicentrobogota.com
[root@nethserver ~]# nmap 192.168.3.201

Starting Nmap 6.40 ( http://nmap.org ) at 2018-06-07 09:24 -05
Nmap scan report for 192.168.3.201
Host is up (0.000027s latency).
Not shown: 988 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
88/tcp   open  kerberos-sec
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
389/tcp  open  ldap
445/tcp  open  microsoft-ds
464/tcp  open  kpasswd5
636/tcp  open  ldapssl
1024/tcp open  kdm
1025/tcp open  NFS-or-IIS
3268/tcp open  globalcatLDAP
3269/tcp open  globalcatLDAPssl
MAC Address: E2:35:6C:5F:08:29 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 14.88 seconds
[root@nethserver ~]# cat /etc/krb5.conf
Configuration snippets may be placed in this directory as well
includedir /etc/krb5.conf.d/
includedir /var/lib/sss/pubconf/krb5.include.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_ccache_name = KEYRING:persistent:%{uid}
default_realm = AD.INFO2.UNICENTROBOGOTA.COM
[realms]
AD.INFO2.UNICENTROBOGOTA.COM = {
}
[domain_realm]
ad.info2.unicentrobogota.com = AD.INFO2.UNICENTROBOGOTA.COM
.ad.info2.unicentrobogota.com = AD.INFO2.UNICENTROBOGOTA.COM

->¿Do i prepare myself to format?

@davidep Thanks for your time man.


(Hector Perez) #11

Can’t make ping, Yum can’t resolve hosts… this machine doesn’t seems to be OK.


(Davide Principi) #12

Did you try a reboot?

Please look also at

 cat /etc/resolv.conf

(Hector Perez) #13
[root@nethserver ~]# cat /etc/resolv.conf
# ================= DO NOT MODIFY THIS FILE =================
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
#
domain info2.unicentrobogota.com
search info2.unicentrobogota.com

# dnsmasq is enabled on this machine:
nameserver 127.0.0.1

Yes I rebooted the machine, but I have Ntop misterious traffic

Misterious traffic I think this machine is hijacked. I just upgrade the system from 7.4 to 7.5rc.


Desktop distributions
(Davide Principi) #14

@hector Do you think the problem is solved? Is a reboot required?

Can you give more info about your installation?

Please attach the output of

yum history pkg-info nethserver-dc
last -50

(Hector Perez) #15

No I couldn’t solve the problem, DNS querys are not working I’m planning to format the machine, Until 20 days I can’t touch the machine for that pourpose (web aplication working).

I have Ntop misterious Traffic in the machine I think that it is hijacked, dont know what to do.

[root@nethserver ~]# ping www.google.com.co
ping: www.google.com.co: Name or service not known

The output of your commands:

[root@nethserver ~]# yum history pkg-info nethserver-dc
Loaded plugins: auto-update-debuginfo, changelog, fastestmirror,
              : nethserver_events
Transaction ID : 70
Begin time     : Wed May 30 17:02:23 2018
Package        : nethserver-dc-1.4.5-1.ns7.x86_64
State          : Updated
Size           : 14,230,653
Build host     : b36.nethserver.org
Build time     : Thu Mar 29 10:08:48 2018
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.4.5-1.ns7.src.rpm
Commit Time    : Thu Mar 29 07:00:00 2018
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 70
Begin time     : Wed May 30 17:02:23 2018
Package        : nethserver-dc-1.5.1-1.ns7.x86_64
State          : Update
Size           : 14,584,402
Build host     : b47.nethserver.org
Build time     : Tue May 15 11:01:48 2018
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.5.1-1.ns7.src.rpm
Commit Time    : Tue May 15 07:00:00 2018
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
Command Line   : --disablerepo=mrmarkuz --skip-broken update
From repo      : nethserver-base
Installed by   : System <unset>
Changed by     : root <root>

Transaction ID : 56
Begin time     : Mon Apr 23 17:26:35 2018
Package        : nethserver-dc-1.4.2-1.ns7.x86_64
State          : Updated
Size           : 14,225,600
Build host     : b23.nethserver.org
Build time     : Tue Jan 23 08:47:16 2018
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.4.2-1.ns7.src.rpm
Commit Time    : Tue Jan 23 07:00:00 2018
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 56
Begin time     : Mon Apr 23 17:26:35 2018
Package        : nethserver-dc-1.4.5-1.ns7.x86_64
State          : Update
Size           : 14,230,653
Build host     : b36.nethserver.org
Build time     : Thu Mar 29 10:08:48 2018
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.4.5-1.ns7.src.rpm
Commit Time    : Thu Mar 29 07:00:00 2018
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 52
Begin time     : Wed Feb 21 14:31:53 2018
Package        : nethserver-dc-1.4.0-1.ns7.x86_64
State          : Updated
Size           : 14,220,315
Build host     : b12.nethserver.org
Build time     : Tue Dec 12 10:13:57 2017
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.4.0-1.ns7.src.rpm
Commit Time    : Tue Dec 12 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 52
Begin time     : Wed Feb 21 14:31:53 2018
Package        : nethserver-dc-1.4.2-1.ns7.x86_64
State          : Update
Size           : 14,225,600
Build host     : b23.nethserver.org
Build time     : Tue Jan 23 08:47:16 2018
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.4.2-1.ns7.src.rpm
Commit Time    : Tue Jan 23 07:00:00 2018
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 44
Begin time     : Fri Dec 15 16:00:53 2017
Package        : nethserver-dc-1.3.3-1.ns7.x86_64
State          : Updated
Size           : 14,219,267
Build host     : b3.nethserver.org
Build time     : Tue Dec  5 04:57:47 2017
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.3.3-1.ns7.src.rpm
Commit Time    : Tue Dec  5 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 44
Begin time     : Fri Dec 15 16:00:53 2017
Package        : nethserver-dc-1.4.0-1.ns7.x86_64
State          : Update
Size           : 14,220,315
Build host     : b12.nethserver.org
Build time     : Tue Dec 12 10:13:57 2017
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.4.0-1.ns7.src.rpm
Commit Time    : Tue Dec 12 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 42
Begin time     : Tue Dec  5 16:00:57 2017
Package        : nethserver-dc-1.3.2-1.ns7.x86_64
State          : Updated
Size           : 14,211,327
Build host     : giacomo.nethesis.it
Build time     : Fri Nov 24 11:41:45 2017
Vendor         : NethServer
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.3.2-1.ns7.src.rpm
Commit Time    : Fri Nov 24 07:00:00 2017
Committer      : Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 42
Begin time     : Tue Dec  5 16:00:57 2017
Package        : nethserver-dc-1.3.3-1.ns7.x86_64
State          : Update
Size           : 14,219,267
Build host     : b3.nethserver.org
Build time     : Tue Dec  5 04:57:47 2017
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.3.3-1.ns7.src.rpm
Commit Time    : Tue Dec  5 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 39
Begin time     : Thu Nov 30 16:36:33 2017
Package        : nethserver-dc-1.2.6-1.ns7.x86_64
State          : Updated
Size           : 14,186,883
Build host     : 4da23e76e0b64c959143e33c91a8d9e7
Build time     : Thu Jul 20 10:29:11 2017
Vendor         : NethServer
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.2.6-1.ns7.src.rpm
Commit Time    : Thu Jul 20 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>

Transaction ID : 39
Begin time     : Thu Nov 30 16:36:33 2017
Package        : nethserver-dc-1.3.2-1.ns7.x86_64
State          : Update
Size           : 14,211,327
Build host     : giacomo.nethesis.it
Build time     : Fri Nov 24 11:41:45 2017
Vendor         : NethServer
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.3.2-1.ns7.src.rpm
Commit Time    : Fri Nov 24 07:00:00 2017
Committer      : Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
Changed by     : System <unset>

Transaction ID : 30
Begin time     : Fri Sep  1 16:02:18 2017
Package        : nethserver-dc-1.2.6-1.ns7.x86_64
State          : Install
Size           : 14,186,883
Build host     : 4da23e76e0b64c959143e33c91a8d9e7
Build time     : Thu Jul 20 10:29:11 2017
Vendor         : NethServer
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.2.6-1.ns7.src.rpm
Commit Time    : Thu Jul 20 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>

Transaction ID : 29
Begin time     : Fri Sep  1 15:59:47 2017
Package        : nethserver-dc-1.2.6-1.ns7.x86_64
State          : Erase
Size           : 14,186,883
Build host     : 4da23e76e0b64c959143e33c91a8d9e7
Build time     : Thu Jul 20 10:29:11 2017
Vendor         : NethServer
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.2.6-1.ns7.src.rpm
Commit Time    : Thu Jul 20 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>

Transaction ID : 6
Begin time     : Fri Aug 18 14:55:02 2017
Package        : nethserver-dc-1.2.6-1.ns7.x86_64
State          : Install
Size           : 14,186,883
Build host     : 4da23e76e0b64c959143e33c91a8d9e7
Build time     : Thu Jul 20 10:29:11 2017
Vendor         : NethServer
License        : GPLv3+
URL            : http://github.com/NethServer/nethserver-dc
Source RPM     : nethserver-dc-1.2.6-1.ns7.src.rpm
Commit Time    : Thu Jul 20 07:00:00 2017
Committer      : Davide Principi <davide.principi@nethesis.it>
Reason         : user
From repo      : nethserver-updates
Installed by   : System <unset>
history pkg-info
[root@nethserver ~]# last -50
root     pts/0        10.141.3.10      Wed Jun 13 10:47   still logged in
root     pts/0        10.141.3.10      Tue Jun 12 09:36 - 09:53  (00:17)
root     pts/0        10.141.3.10      Thu Jun  7 09:07 - 13:16  (04:09)
root     pts/2        192.168.3.243    Wed Jun  6 15:18 - 07:56  (16:37)
root     pts/2        192.168.3.243    Tue Jun  5 15:57 - 08:03  (16:06)
root     pts/0        192.168.3.243    Tue Jun  5 15:54 - 17:50 (1+01:56)
root     pts/0        192.168.3.243    Tue Jun  5 14:22 - 15:47  (01:25)
reboot   system boot  3.10.0-862.3.2.e Tue Jun  5 14:21 - 10:51 (7+20:29)
root     pts/0        192.168.3.243    Tue Jun  5 14:12 - down   (00:06)
root     pts/0        192.168.3.243    Wed May 30 14:20 - 08:11 (1+17:50)
root     pts/0        192.168.3.243    Tue May 29 17:11 - 17:32  (00:20)
jsistema pts/2        192.168.3.243    Tue May 22 15:07 - 15:09  (00:02)
jsistema pts/2        192.168.3.243    Tue May 22 14:30 - 14:30  (00:00)
root     pts/0        192.168.3.243    Tue May 22 14:24 - 01:23  (10:58)
jsistema pts/0        192.168.3.243    Tue May 22 14:22 - 14:22  (00:00)
root     pts/0        192.168.3.243    Fri May 11 16:11 - 10:05 (3+17:53)
root     pts/0        192.168.3.243    Wed May  9 15:09 - 17:37  (02:28)
root     pts/0        192.168.3.243    Wed May  9 14:55 - 14:56  (00:01)
root     pts/0        192.168.3.243    Tue May  8 14:55 - 17:41  (02:45)
root     pts/0        192.168.3.243    Mon May  7 14:13 - 17:40  (03:27)
root     pts/0        192.168.3.243    Fri May  4 15:59 - 17:29  (01:30)
root     pts/0        192.168.3.243    Fri May  4 14:31 - 15:59  (01:27)
root     pts/0        192.168.3.243    Fri May  4 14:27 - 14:29  (00:01)
root     pts/0        192.168.3.243    Mon Apr 30 16:37 - 11:11 (3+18:33)
root     pts/0        192.168.3.243    Thu Apr 26 17:46 - 15:25  (21:38)
root     pts/0        192.168.3.243    Wed Apr 25 14:04 - 17:41  (03:36)
root     pts/0        192.168.3.243    Tue Apr 24 14:44 - 17:46  (03:02)
reboot   system boot  3.10.0-693.21.1. Tue Apr 24 14:41 - 14:18 (41+23:37)
root     pts/0        192.168.3.243    Mon Apr 23 14:56 - down   (23:42)
root     pts/0        192.168.3.243    Fri Apr 20 15:51 - 16:23  (00:32)
reboot   system boot  3.10.0-693.17.1. Thu Apr 19 17:32 - 14:38 (4+21:06)
root     pts/0        192.168.3.243    Fri Apr 13 16:28 - 17:44  (01:16)
reboot   system boot  3.10.0-693.17.1. Wed Apr 11 15:28 - 14:38 (12+23:10)
root     tty1                          Wed Apr 11 15:17 - 15:17  (00:00)
root     pts/0        192.168.3.243    Mon Apr  9 14:44 - 09:55  (19:10)
root     pts/0        192.168.3.243    Wed Apr  4 14:28 - 08:47  (18:19)
root     pts/0        192.168.3.243    Tue Mar 27 14:11 - 07:31  (17:20)
root     pts/0        192.168.3.243    Mon Mar 26 14:28 - 14:32  (00:04)
root     pts/0        192.168.3.243    Wed Mar  7 14:22 - 14:59  (00:36)
root     pts/0        192.168.3.243    Mon Mar  5 14:22 - 08:29  (18:06)
root     pts/0        192.168.3.243    Fri Mar  2 16:58 - 08:06 (2+15:08)
root     pts/0        192.168.3.243    Thu Mar  1 14:01 - 08:08  (18:07)
root     pts/0        192.168.3.243    Wed Feb 28 17:24 - 07:55  (14:31)
root     pts/0        192.168.3.243    Wed Feb 28 14:29 - 17:22  (02:53)
root     pts/0        192.168.3.243    Tue Feb 27 14:05 - 17:48  (03:42)
root     pts/0        192.168.3.243    Mon Feb 26 14:21 - 16:24  (02:02)
root     pts/0        192.168.3.243    Fri Feb 23 14:16 - 07:40 (2+17:24)
root     pts/3        192.168.3.243    Thu Feb 22 14:21 - 17:41  (03:19)
root     pts/0        192.168.3.243    Thu Feb 22 14:06 - 17:41  (03:35)
root     pts/2        10.141.3.30      Thu Feb 22 10:26 - 20:58  (10:32)

wtmp begins Thu Aug 17 16:34:04 2017

(Davide Principi) #16

Please edit the mrmarkuz repo file to disable it. Then attach the output of

 yum check-update

Could you also attach

cat /var/lib/machines/nsdc/var/lib/samba/private/krb5.conf

(Hector Perez) #17

mrmarkuz repo is disabled.

[root@nethserver ~]# yum check-update
Loaded plugins: auto-update-debuginfo, changelog, fastestmirror,
: nethserver_events
Loading mirror speeds from cached hostfile
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - “Could not resolve host: mirrorlist.centos.org; Unknown error”

One of the configured repositories failed (Unknown),
and yum doesn’t have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work “fix” this:

 1. Contact the upstream for the repository and get them to fix the problem.

 2. Reconfigure the baseurl/etc. for the repository, to point to a working
    upstream. This is most often useful if you are using a newer
    distribution release than is supported by the repository (and the
    packages for the previous distribution release still work).

 3. Run the command with the repository temporarily disabled
        yum --disablerepo=<repoid> ...

 4. Disable the repository permanently, so yum won't use it by default. Yum
    will then just ignore the repository until you permanently enable it
    again or use --enablerepo for temporary usage:

        yum-config-manager --disable <repoid>
    or
        subscription-manager repos --disable=<repoid>

 5. Configure the failing repository to be skipped, if it is unavailable.
    Note that yum will try to contact the repo. when it runs most commands,
    so will have to try and fail each time (and thus. yum will be be much
    slower). If it is a very temporary problem though, this is often a nice
    compromise:

        yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true

Cannot find a valid baseurl for repo: base/7/x86_64

(I can’t Access DNS servers, neither repos).
[root@nethserver ~]# cat /var/lib/machines/nsdc/var/lib/samba/private/krb5.conf
[libdefaults]
default_realm = AD.INFO2.UNICENTROBOGOTA.COM
dns_lookup_realm = false
dns_lookup_kdc = true


(Davide Principi) #18

Are you sure the upstream DNS is reachable and works well?

Can you (temporarily) use another upstream DNS? like 8.8.8.8 or 8.8.4.4?


(Hector Perez) #19

Yes is working in all the LAN (PFsense firewall) I changed all the Upstream DNS to 8.8.8.8 and it doesn’t work.


(Davide Principi) #20

Do you have a web proxy? Can you disable it?

config show proxy