So, I have a server setup with just three users and less than 10 systems attached to it.
But, for some reason when I try to login via the webui it normally just hangs at the
"Authenticating..." point. Sometimes if I'm lucky I actually get in to the
interface. However, anything that I click on has the "working..." wheel of death
and if it does load the data for the page it takes forever.
Environment:
-"At home" no production environment.
- Home router is set to use internal BIND DNS server and the IPA server for DNS
- IPA server is set to use the BIND DNS server for forwarding
- BIND DNS server's primary function is Blackhole DNS forwarding server
- IPA server is set to be an internal self-signed CA/RA
Things I've tried:
1) reboot the server Result: No Change.
2) Tried using Chrome, Firefox, Safari, and Opera with cache clearing. Result: No Change
3) Tried logging in via User Name and password. Result: No change
4) Tried logging in via PKCS#11 soft-token. Result: No change
5) login to the IPA server, start kerberos session, and run `ipa user-find`. Result:
command hangs
6) login to the IPA client, start kerberos session, and run `ipa user-find`. Result:
command hangs
When monitoring `journalctl -xf` when doing so the only things I see is things like the
following:
Mar 20 17:25:33 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:25:43 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:25:52 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:25:54 ipa.neverland.ddns.me ns-slapd[2810]: GSSAPI server step 1
Mar 20 17:25:54 ipa.neverland.ddns.me ns-slapd[2810]: GSSAPI server step 2
Mar 20 17:25:54 ipa.neverland.ddns.me ns-slapd[2810]: GSSAPI server step 3
Mar 20 17:25:57 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:25:59 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:26:05 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:26:25 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:26:27 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
Mar 20 17:26:28 ipa.neverland.ddns.me named-pkcs11[2857]: resolver priming query complete
7) Tried to understand the log output of `journalctl -xf` when I do `systemctl restart
ipa`, which can be found at
https://pastebin.com/7sMAp7Zh
8) Tried using curl with kerberos to access Web API. Result: No change. Note: This and all
other web-based access sometimes errors out with a vague "Internal Error"
message.