API tools faq
paste
Advertisement
OlaNys

Untitled

OlaNys
Apr 15th, 2015
387
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 31.60 KB | None | 0 0
raw download clone embed print report
  1. [root@galaxy ~]# rm -f /var/lib/sss/mc/*
  2. [root@galaxy ~]# rm -f /var/lib/sss/db/*
  3. [root@galaxy ~]# /usr/sbin/sssd -i -d9 2>&1 | grep krb
  4. (Wed Apr 15 10:36:13 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_keytab has no value
  5. (Wed Apr 15 10:36:13 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_realm has no value
  6. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option ldap_krb5_keytab has no value
  7. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option ldap_krb5_init_creds is TRUE
  8. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_server has no value
  9. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_backup_server has no value
  10. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_realm has no value
  11. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_canonicalize is FALSE
  12. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_use_kdcinfo is TRUE
  13. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option ldap_krb5_ticket_lifetime has value 86400
  14. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_get_map] (0x0400): Option ldap_user_krb_last_pwd_change has no value
  15. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_get_map] (0x0400): Option ldap_user_krb_password_expiration has no value
  16. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [ad_set_ad_id_options] (0x0100): Option krb5_realm set to ENSKEDE.LOCAL
  17. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_server has no value
  18. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_backup_server has no value
  19. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_realm has no value
  20. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_ccachedir has value /tmp
  21. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_ccname_template has no value
  22. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_auth_timeout has value 6
  23. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_keytab has value /etc/krb5.keytab
  24. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_validate is TRUE
  25. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_kpasswd has no value
  26. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_backup_kpasswd has no value
  27. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_store_password_if_offline is FALSE
  28. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_renewable_lifetime has no value
  29. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_lifetime has no value
  30. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_renew_interval has no value
  31. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_use_fast has no value
  32. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_fast_principal has no value
  33. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_canonicalize is FALSE
  34. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_use_enterprise_principal is TRUE
  35. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_get_options] (0x0400): Option krb5_use_kdcinfo is TRUE
  36. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [ad_get_auth_options] (0x0100): Option krb5_server set to (null)
  37. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [ad_get_auth_options] (0x0100): Option krb5_realm set to ENSKEDE.LOCAL
  38. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [ad_get_auth_options] (0x0100): Option krb5_use_kdcinfo set to true
  39. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_keytab has no value
  40. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_realm has value ENSKEDE.LOCAL
  41. (Wed Apr 15 10:36:14 2015) [sssd[be[ENSKEDE.LOCAL]]] [sss_write_domain_mappings] (0x0200): Mapping file for domain [ENSKEDE.LOCAL] is [/var/lib/sss/pubconf/krb5.include.d/domain_realm_ENSKEDE_LOCAL]
  42. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.410269: Getting initial credentials for GALAXY$@ENSKEDE.LOCAL
  43. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.414182: Looked up etypes in keytab: des-cbc-crc, des, des-cbc-crc, aes128-cts, aes256-cts, rc4-hmac
  44. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.415381: Sending request (203 bytes) to ENSKEDE.LOCAL
  45. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.421400: Sending initial UDP request to dgram 10.77.20.100:88
  46. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.433883: Received answer from dgram 10.77.20.100:88
  47. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.436981: Response was from master KDC
  48. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.437927: Received error from KDC: -1765328359/Additional pre-authentication required
  49. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.440508: Processing preauth types: 16, 15, 19, 2
  50. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.441151: Selected etype info: etype aes256-cts, salt "ENSKEDE.LOCALhostgalaxy.enskede.local", params ""
  51. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.445541: Retrieving GALAXY$@ENSKEDE.LOCAL from FILE:/etc/krb5.keytab (vno 0, enctype aes256-cts) with result: 0/Success
  52. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.447294: AS key obtained for encrypted timestamp: aes256-cts/9498
  53. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.450123: Encrypted timestamp (for 1429086975.448147): plain 301AA011180F32303135303431353038333631355AA105020306D693, encrypted 9B59C29B73B47BFE10157165C1DBE926A7F3D600AE71B125765F562FB27BD6BDD40E3FAE5423A35C017F9A638250BBCF18FFC8E88C05E446
  54. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.450849: Preauth module encrypted_timestamp (2) (flags=1) returned: 0/Success
  55. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.451242: Produced preauth for next request: 2
  56. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.452959: Sending request (283 bytes) to ENSKEDE.LOCAL
  57. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.455696: Sending initial UDP request to dgram 10.77.20.100:88
  58. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.480598: Received answer from dgram 10.77.20.100:88
  59. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.485492: Response was from master KDC
  60. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.489462: Processing preauth types: 19
  61. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.491842: Selected etype info: etype aes256-cts, salt "ENSKEDE.LOCALhostgalaxy.enskede.local", params ""
  62. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.492953: Produced preauth for next request: (empty)
  63. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.496659: AS key determined by preauth: aes256-cts/9498
  64. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.500241: Decrypted AS reply; session key is: rc4-hmac/064E
  65. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.501136: FAST negotiation: unavailable
  66. (Wed Apr 15 10:36:15 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086975.505709: Initializing FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL_CmAckW with default princ GALAXY$@ENSKEDE.LOCAL
  67. (Wed Apr 15 10:36:17 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086977.599384: Removing GALAXY$@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL from FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL_CmAckW
  68. (Wed Apr 15 10:36:17 2015) [[sssd[ldap_child[2134]]]] [sss_child_krb5_trace_cb] (0x4000): [2134] 1429086977.601865: Storing GALAXY$@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL in FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL_CmAckW
  69. (Wed Apr 15 10:36:17 2015) [[sssd[ldap_child[2134]]]] [pack_buffer] (0x1000): result [0] krberr [0] msgsize [41] msg [FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL]
  70. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [sss_write_domain_mappings] (0x0200): Mapping file for domain [ENSKEDE.LOCAL] is [/var/lib/sss/pubconf/krb5.include.d/domain_realm_ENSKEDE_LOCAL]
  71. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_keytab has no value
  72. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_realm has no value
  73. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option ldap_krb5_keytab has no value
  74. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option ldap_krb5_init_creds is TRUE
  75. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_server has no value
  76. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_backup_server has no value
  77. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_realm has no value
  78. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_canonicalize is FALSE
  79. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option krb5_use_kdcinfo is TRUE
  80. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [dp_copy_options_ex] (0x0400): Option ldap_krb5_ticket_lifetime has value 86400
  81. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_copy_map] (0x0400): Option ldap_user_krb_last_pwd_change has no value
  82. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_copy_map] (0x0400): Option ldap_user_krb_password_expiration has no value
  83. (Wed Apr 15 10:36:18 2015) [sssd[be[ENSKEDE.LOCAL]]] [ad_set_ad_id_options] (0x0100): Option krb5_realm set to ENSKEDE.LOCAL
  84. (Wed Apr 15 10:36:22 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_attrs_add_ldap_attr] (0x2000): krbLastPwdChange is not available for [ola].
  85. (Wed Apr 15 10:36:22 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_attrs_add_ldap_attr] (0x2000): krbPasswordExpiration is not available for [ola].
  86. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.35224: Getting initial credentials for GALAXY$@ENSKEDE.LOCAL
  87. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.38957: Looked up etypes in keytab: des-cbc-crc, des, des-cbc-crc, aes128-cts, aes256-cts, rc4-hmac
  88. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.40334: Sending request (203 bytes) to ENSKEDE.LOCAL
  89. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.44922: Sending initial UDP request to dgram 10.77.20.100:88
  90. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.55946: Received answer from dgram 10.77.20.100:88
  91. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.59047: Response was from master KDC
  92. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.60202: Received error from KDC: -1765328359/Additional pre-authentication required
  93. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.64805: Processing preauth types: 16, 15, 19, 2
  94. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.66814: Selected etype info: etype aes256-cts, salt "ENSKEDE.LOCALhostgalaxy.enskede.local", params ""
  95. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.68929: Retrieving GALAXY$@ENSKEDE.LOCAL from FILE:/etc/krb5.keytab (vno 0, enctype aes256-cts) with result: 0/Success
  96. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.69833: AS key obtained for encrypted timestamp: aes256-cts/9498
  97. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.71671: Encrypted timestamp (for 1429086983.70687): plain 301AA011180F32303135303431353038333632335AA105020301141F, encrypted F932413B538A9AE4D2A0909173F2A772CCC6438D10D16EF5CDC471C6DC22DE9B754AEB07FC04B7D8B1433C5EBD0C33A547357AAE805A7BCE
  98. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.72408: Preauth module encrypted_timestamp (2) (flags=1) returned: 0/Success
  99. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.72752: Produced preauth for next request: 2
  100. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.73489: Sending request (283 bytes) to ENSKEDE.LOCAL
  101. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.76824: Sending initial UDP request to dgram 10.77.20.100:88
  102. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.92234: Received answer from dgram 10.77.20.100:88
  103. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.95892: Response was from master KDC
  104. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.97011: Processing preauth types: 19
  105. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.97824: Selected etype info: etype aes256-cts, salt "ENSKEDE.LOCALhostgalaxy.enskede.local", params ""
  106. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.98645: Produced preauth for next request: (empty)
  107. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.99848: AS key determined by preauth: aes256-cts/9498
  108. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.101219: Decrypted AS reply; session key is: rc4-hmac/470D
  109. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.101607: FAST negotiation: unavailable
  110. (Wed Apr 15 10:36:23 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086983.103328: Initializing FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL_oAz7PL with default princ GALAXY$@ENSKEDE.LOCAL
  111. (Wed Apr 15 10:36:25 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086985.161486: Removing GALAXY$@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL from FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL_oAz7PL
  112. (Wed Apr 15 10:36:25 2015) [[sssd[ldap_child[2145]]]] [sss_child_krb5_trace_cb] (0x4000): [2145] 1429086985.162567: Storing GALAXY$@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL in FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL_oAz7PL
  113. (Wed Apr 15 10:36:25 2015) [[sssd[ldap_child[2145]]]] [pack_buffer] (0x1000): result [0] krberr [0] msgsize [41] msg [FILE:/var/lib/sss/db/ccache_ENSKEDE.LOCAL]
  114. (Wed Apr 15 10:36:25 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_attrs_add_ldap_attr] (0x2000): krbLastPwdChange is not available for [ola].
  115. (Wed Apr 15 10:36:25 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_attrs_add_ldap_attr] (0x2000): krbPasswordExpiration is not available for [ola].
  116. (Wed Apr 15 10:36:26 2015) [sssd[be[ENSKEDE.LOCAL]]] [krb5_pam_handler] (0x1000): Wait queue of user [ola] is empty, running request immediately.
  117. (Wed Apr 15 10:36:26 2015) [sssd[be[ENSKEDE.LOCAL]]] [krb5_auth_send] (0x0100): pam_dp_send_req returned 0
  118. (Wed Apr 15 10:36:26 2015) [sssd[be[ENSKEDE.LOCAL]]] [krb5_auth_send] (0x4000): Ccache_file is [not set] and is not active and TGT is not valid.
  119. (Wed Apr 15 10:36:26 2015) [sssd[be[ENSKEDE.LOCAL]]] [krb5_auth_prepare_ccache_name] (0x4000): Recreating ccache file.
  120. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [main] (0x0400): krb5_child started.
  121. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [unpack_buffer] (0x1000): total buffer size: [122]
  122. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [unpack_buffer] (0x0100): cmd [241] uid [11103] gid [11116] validate [true] enterprise principal [true] offline [false] UPN [ola@ENSKEDE.LOCAL]
  123. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [unpack_buffer] (0x0100): ccname: [FILE:/tmp/krb5cc_11103_XXXXXX] keytab: [/etc/krb5.keytab]
  124. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [set_lifetime_options] (0x0100): Cannot read [SSSD_KRB5_RENEWABLE_LIFETIME] from environment.
  125. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [set_lifetime_options] (0x0100): Cannot read [SSSD_KRB5_LIFETIME] from environment.
  126. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [set_canonicalize_option] (0x0100): SSSD_KRB5_CANONICALIZE is set to [true]
  127. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [k5c_setup] (0x0100): Not using FAST.
  128. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [main] (0x0400): Will perform online auth
  129. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [tgt_req_child] (0x1000): Attempting to get a TGT
  130. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [get_and_save_tgt] (0x0400): Attempting kinit for realm [ENSKEDE.LOCAL]
  131. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.291492: Getting initial credentials for ola\@ENSKEDE.LOCAL@ENSKEDE.LOCAL
  132. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.294416: Sending request (213 bytes) to ENSKEDE.LOCAL
  133. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.298318: Sending initial UDP request to dgram 10.77.20.100:88
  134. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.309986: Received answer from dgram 10.77.20.100:88
  135. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.313206: Response was from master KDC
  136. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.314194: Received error from KDC: -1765328359/Additional pre-authentication required
  137. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.317415: Processing preauth types: 16, 15, 19, 2
  138. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.318021: Selected etype info: etype aes256-cts, salt "ENSKEDE.LOCALola", params ""
  139. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.501192: AS key obtained for encrypted timestamp: aes256-cts/3237
  140. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.504201: Encrypted timestamp (for 1429086986.501966): plain 301AA011180F32303135303431353038333632365AA105020307A8CE, encrypted 3043C5E862A6E31BA04829B1116682D59BB6268D4DD68F79142DDBAC21851A89F0F572A282DC97D2F411448CF6401F2D37FDAB63FF146E6B
  141. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.504985: Preauth module encrypted_timestamp (2) (flags=1) returned: 0/Success
  142. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.506068: Produced preauth for next request: 2
  143. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.508460: Sending request (293 bytes) to ENSKEDE.LOCAL
  144. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.511383: Sending initial UDP request to dgram 10.77.20.100:88
  145. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.529113: Received answer from dgram 10.77.20.100:88
  146. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.532162: Response was from master KDC
  147. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.533065: Processing preauth types: 19
  148. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.534881: Selected etype info: etype aes256-cts, salt "ENSKEDE.LOCALola", params ""
  149. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.536040: Produced preauth for next request: (empty)
  150. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.536941: AS key determined by preauth: aes256-cts/3237
  151. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.539817: Decrypted AS reply; session key is: rc4-hmac/4B29
  152. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.540469: FAST negotiation: unavailable
  153. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_krb5_expire_callback_func] (0x2000): exp_time: [707422299]
  154. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [validate_tgt] (0x2000): Found keytab entry with the realm of the credential.
  155. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.548250: Retrieving host/galaxy.enskede.local@ENSKEDE.LOCAL from FILE:/etc/krb5.keytab (vno 0, enctype 0) with result: 0/Success
  156. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.549019: Resolving unique ccache of type MEMORY
  157. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.550565: Initializing MEMORY:5kKBDgx with default princ ola@ENSKEDE.LOCAL
  158. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.551078: Removing ola@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL from MEMORY:5kKBDgx
  159. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.552163: Storing ola@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL in MEMORY:5kKBDgx
  160. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.553189: Getting credentials ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL using ccache MEMORY:5kKBDgx
  161. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.555212: Retrieving ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL from MEMORY:5kKBDgx with result: -1765328243/Matching credential not found
  162. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.557013: Retrieving ola@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL from MEMORY:5kKBDgx with result: 0/Success
  163. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.558177: Found cached TGT for service realm: ola@ENSKEDE.LOCAL -> krbtgt/ENSKEDE.LOCAL@ENSKEDE.LOCAL
  164. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.558738: Requesting tickets for host/galaxy.enskede.local@ENSKEDE.LOCAL, referrals on
  165. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.560076: Generated subkey for TGS request: rc4-hmac/ABD9
  166. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.560889: etypes requested in TGS request: aes256-cts, aes128-cts, des3-cbc-sha1, rc4-hmac
  167. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.563091: Sending request (1394 bytes) to ENSKEDE.LOCAL
  168. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.565988: Sending initial UDP request to dgram 10.77.20.100:88
  169. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.582647: Received answer from dgram 10.77.20.100:88
  170. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.586422: Response was from master KDC
  171. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.588574: TGS reply is for ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL with session key rc4-hmac/2085
  172. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.589262: TGS request result: 0/Success
  173. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.590854: Received creds for desired service host/galaxy.enskede.local@ENSKEDE.LOCAL
  174. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.591279: Removing ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL from MEMORY:5kKBDgx
  175. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.592613: Storing ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL in MEMORY:5kKBDgx
  176. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.594674: Creating authenticator for ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL, seqnum 0, subkey (null, session key rc4-hmac/2085
  177. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.597562: Retrieving host/galaxy.enskede.local@ENSKEDE.LOCAL from FILE:/etc/krb5.keytab (vno 6, enctype rc4-hmac) with result: 0/Success
  178. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.600140: Decrypted AP-REQ with specified server principal host/galaxy.enskede.local@ENSKEDE.LOCAL: rc4-hmac/8257
  179. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.600962: AP-REQ ticket: ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL, session key rc4-hmac/2085
  180. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.605942: Negotiated enctype based on authenticator: rc4-hmac
  181. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.606674: Initializing MEMORY:rd_req2 with default princ ola@ENSKEDE.LOCAL
  182. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.607148: Removing ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL from MEMORY:rd_req2
  183. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.609676: Storing ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL in MEMORY:rd_req2
  184. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.611486: Destroying ccache MEMORY:5kKBDgx
  185. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [validate_tgt] (0x0400): TGT verified using key for [host/galaxy.enskede.local@ENSKEDE.LOCAL].
  186. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.613895: Retrieving ola@ENSKEDE.LOCAL -> host/galaxy.enskede.local@ENSKEDE.LOCAL from MEMORY:rd_req2 with result: 0/Success
  187. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.618673: Retrieving host/galaxy.enskede.local@ENSKEDE.LOCAL from FILE:/etc/krb5.keytab (vno 6, enctype rc4-hmac) with result: 0/Success
  188. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_child_krb5_trace_cb] (0x4000): [2146] 1429086986.933760: Destroying ccache MEMORY:rd_req2
  189. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [become_user] (0x0200): Trying to become user [11103][11116].
  190. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_get_ccache_name_for_principal] (0x4000): Location: [FILE:/tmp/krb5cc_11103_XXXXXX]
  191. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [sss_get_ccache_name_for_principal] (0x2000): krb5_cc_cache_match failed: [-1765328243][Can't find client principal ola@ENSKEDE.LOCAL in cache collection]
  192. (Wed Apr 15 10:36:26 2015) [[sssd[krb5_child[2146]]]] [create_ccache] (0x4000): Initializing ccache of type [FILE]
  193. (Wed Apr 15 10:36:28 2015) [[sssd[krb5_child[2146]]]] [k5c_send_data] (0x0200): Received error code 0
  194. (Wed Apr 15 10:36:28 2015) [[sssd[krb5_child[2146]]]] [pack_response_packet] (0x2000): response packet size: [135]
  195. (Wed Apr 15 10:36:28 2015) [[sssd[krb5_child[2146]]]] [k5c_send_data] (0x4000): Response sent.
  196. (Wed Apr 15 10:36:28 2015) [[sssd[krb5_child[2146]]]] [main] (0x0400): krb5_child completed successfully
  197. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [parse_krb5_child_response] (0x1000): child response [0][3][41].
  198. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [parse_krb5_child_response] (0x1000): child response [0][-1073741822][18].
  199. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [parse_krb5_child_response] (0x1000): child response [0][-1073741823][32].
  200. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [parse_krb5_child_response] (0x1000): TGT times are [1429086986][1429086986][1429122986][1429691786].
  201. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [parse_krb5_child_response] (0x1000): child response [0][6][8].
  202. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [sss_krb5_check_ccache_princ] (0x2000): Searching for [ola@ENSKEDE.LOCAL] in cache of type [FILE]
  203. (Wed Apr 15 10:36:28 2015) [sssd[be[ENSKEDE.LOCAL]]] [krb5_mod_ccname] (0x4000): Save ccname [FILE:/tmp/krb5cc_11103_6EqnbU] for user [ola].
  204. (Wed Apr 15 10:36:33 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_attrs_add_ldap_attr] (0x2000): krbLastPwdChange is not available for [ola].
  205. (Wed Apr 15 10:36:33 2015) [sssd[be[ENSKEDE.LOCAL]]] [sdap_attrs_add_ldap_attr] (0x2000): krbPasswordExpiration is not available for [ola].
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!