> You upgraded from what version? *Updated. Simple dnf update that I du regularly on Fedora 29 server where FreeIPA is installed. Unfortunately, it was quite a while and I am unable to pinpoint exactly which libraries got updated. This is my best theory as I do not recall playing with configs (I am not a power user and I was just enjoying my few boxes provisioned without messing around)
> What debugging did you try? Maybe debugging is not a good wording here - I went through 'troubleshoting' guides provided on freeipa website as much as I could understand the, as a mortal user. At least to my, non-experienced eye, everything is set as it should be and all daemons are working. On the internet, when googling "GSS Failure" I found a suggestion on stackexchange https://tinyurl.com/y6q7ou62 - "duplicate PTR Record can cause issues" While I don't see duplicates, user cannot resolve ip, but not sure if that is ok or not: From the server itself, when asked by own ip: $ dig -x 10.0.1.10 ;; ANSWER SECTION: 10.1.0.10.in-addr.arpa. 86400 IN PTR ipaserv.home.mydomain.com. $ host ipaserv.home.mydomain.com ipaserv.home.mydomain.com has address 10.0.1.10 ipaserv.home.mydomain.com has IPv6 address fe80::c8e5:xxxx:xxxx:xxxx $ host 10.0.1.10 10.1.0.10.in-addr.arpa domain name pointer ipaserv.home.mydomain.com. From user desktop, I am not getting an answer: (?) $ dig -x 10.0.1.10 ;; QUESTION SECTION: ;10.1.0.10.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: 10.IN-ADDR.ARPA. 86400 IN SOA 10.IN-ADDR.ARPA. . 0 28800 7200 604800 86400 ;; Query time: 0 msec ;; SERVER: 10.0.1.10#53(10.0.1.10) $ host 10.0.1.10 Host 10.1.0.10.in-addr.arpa. not found: 3(NXDOMAIN) $ host ipaserv.home.mydomain.com ipaserv.home.mydomain.com has address 10.0.1.10 ipaserv.home.mydomain.com has IPv6 address fe80::c8e5:xxxx:xxxx:xxxx $ cat /etc/hosts 10.0.1.10 ipaserv.home.mydomain.com ipaserv 10.0.1.4 usera.home.mydomain.com usera I'm really not a power user and trying everything to best of my knowledge to figure it out. If you have any clues or suggestions, I would appreciate it ! Thanks! _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
