uri ldap://DC1 ldap://DC2 base dc=corp,dc=example,dc=com [libdefa

1. uri ldap://DC1 ldap://DC2
2. base dc=corp,dc=example,dc=com
3.  
4. [libdefaults]
5. default_realm = corp.example.com
6. clockskew = 300
7. dns_lookup_kdc
8. # default_realm = EXAMPLE.COM
9.  
10. [realms]
11. corp.example.com= {
12. kdc = corp.example.com
13. default_domain = corp.example.com
14. kpasswd_server = corp.example.com
15. admin_server = corp.example.com
16. }
17. # EXAMPLE.COM = {
18. # kdc = kerberos.example.com
19. # admin_server = kerberos.example.com
20. # }
21.  
22. [logging]
23. kdc = FILE:/var/log/krb5/krb5kdc.log
24. admin_server = FILE:/var/log/krb5/kadmind.log
25. default = SYSLOG:NOTICE:DAEMON
26. [domain_realm]
27. .corp.example.com = corp.example.com
28. .corp = corp.example.com
29. [appdefaults]
30. pam = {
31. ticket_lifetime = 1d
32. renew_lifetime = 1d
33. forwardable = true
34. proxiable = false
35. minimum_uid = 1
36. external = sshd
37. use_shmem = sshd
38. clockskew = 300
39. retain_after_close = false
40. }
41.  
42. search corp.example.com
43. nameserver 10.0.0.3
44. nameserver 10.1.0.3
45.  
46. Nov 30 09:04:56 linux_client nscd: nss_ldap: failed to bind to LDAP server ldap://ad3: Can't contact LDAP server
47. Nov 30 09:04:59 linux_client sshd[15585]: nss_ldap: failed to bind to LDAP server ldap://ad3: Can't contact LDAP server
48. Nov 30 08:50:19 linux_client sshd[15242]: Accepted keyboard-interactive/pam for jim from 10.0.0.231 port 61288 ssh2
49. Nov 30 08:52:02 linux_client sshd[15284]: nss_ldap: could not search LDAP server - Server is unavailable
50. Nov 30 08:53:09 linux_client sshd[15284]: pam_unix2(sshd:auth): conversation failed
51. Nov 30 08:53:16 linux_client sshd[15284]: error: ssh_msg_send: write
52. Nov 30 08:53:26 linux_client sshd[15284]: pam_krb5[15284]: authentication fails for 'jim' (jim@corp.example.com): Authentication failure (Cannot read password)
53. Nov 30 08:53:26 linux_client sshd[15284]: error: ssh_msg_send: write
54. Nov 30 08:56:02 linux_client sshd[15289]: nss_ldap: could not search LDAP server - Server is unavailable
55. Nov 30 08:56:27 linux_client sshd[15289]: pam_krb5[15289]: authentication succeeds for 'jim' (jim@corp.example.com)
56. Nov 30 08:57:12 linux_client sshd[15289]: nss_ldap: could not search LDAP server - Server is unavailable
57. Nov 30 08:57:18 linux_client sshd[15289]: _rebind_proc
58. Nov 30 08:57:31 linux_client sshd[15289]: _rebind_proc
59. Nov 30 08:57:34 linux_client sshd[15289]: _rebind_proc
60. Nov 30 08:57:34 linux_client sshd[15289]: pam_ldap: ldap_result Timed out
61. Nov 30 08:57:34 linux_client sshd[15289]: error: ssh_msg_send: write