On 15.8.2016 03:29, David Kowis wrote: > On 08/14/2016 07:57 PM, David Kowis wrote: >> On 08/14/2016 02:31 PM, David Kowis wrote: >>> Perhaps someone else has had this error before, or maybe just knows what >>> I need to do? >> >> Digging through the mailing list, I only find this guy: >> https://www.redhat.com/archives/freeipa-devel/2014-October/msg00480.html >> >> Seems someone had the exact same problem I did almost two years ago, and >> didn't post about their solution, if they got any solution. > > Narrowed it down a bit further: > > > Aug 14 20:27:24 freeipavm ipa-dnskeysyncd[31211]: ipa: WARNING: session > memcached servers not running > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: ipa : INFO > LDAP bind... > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: Traceback (most recent > call last): > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File > "/usr/lib/ipa/ipa-dnskeysyncd", line 92, in <module> > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: > ldap_connection.sasl_interactive_bind_s("", ipaldap.SASL_GSSAPI) > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File > "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 932, in > sasl_interactive_bind_s > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: res = > self._apply_method_s(SimpleLDAPObject.sasl_interactive_bind_s,*args,**kwargs) > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File > "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 900, in > _apply_method_s > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: return > func(self,*args,**kwargs) > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File > "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 244, in > sasl_interactive_bind_s > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: return > self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags) > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: File > "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in > _ldap_call > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: result = > func(*args,**kwargs) > Aug 14 20:27:26 freeipavm ipa-dnskeysyncd[31211]: > ldap.STRONG_AUTH_NOT_SUPPORTED: {'info': 'sasl mechanism not supported', > 'desc': 'Authentication method not supported'} > Aug 14 20:27:26 freeipavm systemd[1]: ipa-dnskeysyncd.service: Main > process exited, code=exited, status=1/FAILURE > Aug 14 20:27:26 freeipavm systemd[1]: ipa-dnskeysyncd.service: Unit > entered failed state. > Aug 14 20:27:26 freeipavm systemd[1]: ipa-dnskeysyncd.service: Failed > with result 'exit-code'. > > > Seems this service doesn't start with the sasl mechanism not supported. > > Does anyone know what's missing, or how I can get further information? > Is it the LDAP server, or am I missing a sasl lib for python? Maybe a > configuration file?
This is weird as LDAP SASL & GSSAPI is pretty standard thing. In any case, you can check server logs or use tcpdump/wireshark and see if the error somes from LDAP server or if it is client side error. That would tell us where to focus. -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
