Project

General

Profile

Bug #4625

Kerberos Settings will not be updates

Added by stup ProS over 6 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
Nice to have
Assignee:
John Hixson
Category:
OS
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

gui upgrade from 9.2.1.2 to 9.2.1.3

box restartet, syslog tells me:
ar 23 12:16:45 monster ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: krbhost=, kpwdhost=, domainname=netzwerk.intern
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: verify_krb5_conf:
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: /realms/NETZWERK.INTERN/kdc:
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: hostname
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: nor
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: servname
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: provided,
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: or
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: not
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: known
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: ()
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: verify_krb5_conf:
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: /realms/NETZWERK.INTERN/admin_server:
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: hostname
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: nor
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: servname
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: provided,
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: or
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: not
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: known
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: ()
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: verify_krb5_conf:
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: /realms/NETZWERK.INTERN/kpasswd_server:
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: hostname
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: nor
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: servname
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: provided,
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: or
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: not
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: known
Mar 23 12:16:45 monster ix-kerberos: generate_krb5_conf: ()
Mar 23 12:16:45 monster ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Mar 23 12:16:45 monster ActiveDirectory: /usr/sbin/service ix-pam quietstart
Mar 23 12:16:45 monster ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Mar 23 12:16:45 monster ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Mar 23 12:16:45 monster ActiveDirectory: kerberos_start: /usr/bin/kinit --renewable --password-file=/tmp/tmp.NkShbyWp
Mar 23 12:16:46 monster ActiveDirectory: kerberos_start: Failed

ad_gcname=""
ad_gchost=""
ad_gcport="3268"
ad_use_keytab="0"
ad_keytab="/data/krb5.keytab"
ad_krbname=""
ad_krbhost=""
ad_krbport="88"
ad_kpwdname=""
ad_kpwdhost=""

I tried to set the missing values in the web UI, restart the service..same issue.

editing the above config file and set the correct values..everything works fine.
sure, at leat until the next restart.

just as a comment:

after the nightmares from the previuous upgrade sessions:
I guess it would make sense to setup a unit testing? enviroment ; )

I really like freenas. truenas itself would be a nice businessmodel - if you just would provide a realistic hw price in europe.

Associated revisions

Revision c0197bf1 (diff)
Added by John Hixson over 6 years ago

Don't cache AD config Ticket: #4625

Revision 147b9dea (diff)
Added by John Hixson over 6 years ago

Don't cache AD config Ticket: #4625

History

#1 Updated by stup ProS over 6 years ago

and yes, I did the rebuild ldap, ADc ache part.

#2 Updated by stup ProS over 6 years ago

after the third reboot, settings seem to be applied.

#3 Updated by Jordan Hubbard over 6 years ago

  • Assignee set to John Hixson

Not sure if there's a bug here or not - I don't understand what the user is trying to attempt. John?

#4 Updated by John Hixson over 6 years ago

  • Status changed from Unscreened to Screened

#5 Updated by John Hixson over 6 years ago

Jordan Hubbard wrote:

Not sure if there's a bug here or not - I don't understand what the user is trying to attempt. John?

AD configuration is looked up via DNS and cached. The cache here is the issue. I'm going to nuke it ;-)

#6 Updated by John Hixson over 6 years ago

  • Status changed from Screened to Resolved

#7 Updated by Dru Lavigne almost 3 years ago

  • Category set to OS
  • Target version set to Master - FreeNAS Nightlies

Also available in: Atom PDF