SSSD

Check Domain State

As root, check which domains are configured:

# sssctl domain-list
D.PSI.CH
#

and then check their state:

# sssctl domain-status D.PSI.CH
Online status: Offline

Active servers:
AD Global Catalog: not connected
AD Domain Controller: dc01.D.PSI.CH

Discovered AD Global Catalog servers:
None so far.
Discovered AD Domain Controller servers:
- dc01.D.PSI.CH
- dc02.D.PSI.CH
- dc00.D.PSI.CH

#

Check User State

# sssctl user-checks buchel_k
user: buchel_k
action: acct
service: system-auth

SSSD nss user lookup result:
 - user name: buchel_k
 - user id: 44951
 - group id: 710
 - gecos: Bucheli Konrad
 - home directory: /home/buchel_k
 - shell: /bin/bash

SSSD InfoPipe user lookup result:
 - name: buchel_k
 - uidNumber: 44951
 - gidNumber: 710
 - gecos: Bucheli Konrad
 - homeDirectory: /afs/psi.ch/user/b/buchel_k
 - loginShell: /bin/bash

testing pam_acct_mgmt

pam_acct_mgmt: Success

PAM Environment:
 - no env -
#

Check Log for AD connection

If /var/log/sssd/sssd_D.PSI.CH.log complains about file issues like

  *  (2024-10-03  9:47:17): [be[D.PSI.CH]] [sysdb_delete_cache_entry] (0x0020): [RID#78] LDB Error: No such object (32); error message: [ldb_wait from ldb_delete with LDB_WAIT_ALL: No such object (32)]
********************** BACKTRACE DUMP ENDS HERE *********************************

(2024-10-03  9:47:17): [be[D.PSI.CH]] [sysdb_delete_entry] (0x0040): [RID#78] sysdb_delete_cache_entry failed: 2
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] ldb_add failed: [Entry already exists](68)[Entry name=X06SA@d.psi.ch,cn=groups,cn=D.PSI.CH,cn=sysdb already exists]
   *  ... skipping repetitive backtrace ...
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] Error: 17 (File exists)
   *  ... skipping repetitive backtrace ...
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] ldb_add failed: [Entry already exists](68)[Entry name=gac-x07da@d.psi.ch,cn=groups,cn=D.PSI.CH,cn=sysdb already exists]
   *  ... skipping repetitive backtrace ...
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] Error: 17 (File exists)
   *  ... skipping repetitive backtrace ...
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] ldb_add failed: [Entry already exists](68)[Entry name=X07DA@d.psi.ch,cn=groups,cn=D.PSI.CH,cn=sysdb already exists]

then stop SSSD, delete its database files and start it again:

systemctl stop sssd.service
rm -f /var/lib/sss/db/*
systemctl start sssd.service
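
Before wiping the database, it helps to confirm that the log really shows the sysdb error pattern above and to see which entries are affected. The following script is an added example, not part of the original guide; the function names, the default threshold of 3 errors and the sample log (constructed from the excerpt above) are assumptions.

```shell
#!/bin/sh
# Added example: triage an SSSD domain log for sysdb cache errors before
# deciding to wipe /var/lib/sss/db/. Function names and the threshold are
# assumptions of this example, not part of SSSD.

# Constructed sample, abridged from the log excerpt above plus one benign line.
write_sample_log() {
cat <<'EOF'
(2024-10-03  9:47:17): [be[D.PSI.CH]] [sysdb_delete_entry] (0x0040): [RID#78] sysdb_delete_cache_entry failed: 2
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] ldb_add failed: [Entry already exists](68)[Entry name=X06SA@d.psi.ch,cn=groups,cn=D.PSI.CH,cn=sysdb already exists]
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] Error: 17 (File exists)
(2024-10-03  9:48:24): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] ldb_add failed: [Entry already exists](68)[Entry name=gac-x07da@d.psi.ch,cn=groups,cn=D.PSI.CH,cn=sysdb already exists]
(2024-10-03  9:48:25): [be[D.PSI.CH]] [sysdb_create_ts_entry] (0x0040): [RID#90] ldb_add failed: [Entry already exists](68)[Entry name=X06SA@d.psi.ch,cn=groups,cn=D.PSI.CH,cn=sysdb already exists]
(2024-10-03  9:49:01): [be[D.PSI.CH]] [example_func] (0x0400): [RID#91] constructed benign line
EOF
}

# Print how many lines carry a sysdb cache error signature.
sysdb_error_count() {
    grep -E -c '\[sysdb_[a-z_]+] .*(LDB Error|ldb_add failed: \[Entry already exists]|sysdb_delete_cache_entry failed)' "$1" || true
}

# Print each cache entry that ldb_add reported as already existing, once.
sysdb_duplicate_entries() {
    sed -n 's/.*\[Entry name=\([^,]*\),.*already exists].*/\1/p' "$1" | LC_ALL=C sort -u
}

# Exit 0 if the log holds at least $2 (default 3) sysdb errors, 2 if unreadable.
sysdb_cache_suspect() {
    [ -r "$1" ] || return 2
    [ "$(sysdb_error_count "$1")" -ge "${2:-3}" ]
}

# Demo on the sample; on a host, pass /var/log/sssd/sssd_D.PSI.CH.log instead.
log=$(mktemp)
write_sample_log > "$log"
if sysdb_cache_suspect "$log"; then
    echo "$(sysdb_error_count "$log") sysdb errors, affected entries:"
    sysdb_duplicate_entries "$log"
fi
rm -f "$log"
```
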

Extended Logging

To get more log messages you may raise the log level to 6, either permanently in Hiera with the key aaa::sssd_debuglevel or temporarily on the host itself with

sssctl debug-level 6

The logs are located in /var/log/sssd/