On Fri, Jun 08, 2018 at 12:33:05PM +0000, JOHE (John Hearns) wrote:
sssd version 1.15.0 running on Ubuntu Xenial.
In my setup sssd is not automatically refreshing computer account tickets after 30 days,
for some reason.
Does the machine that is not refreshing the tickets have adcli
installed?
I found te msktutil package, which has a cron job which runs msktutil --auto-update each
day.
So far so good.
However msktutil --auto-update fails but msktutil --update works OK.
Can anyone drop me a hint please why this might be so?
Snippets from the verbose output below.
/usr/sbin/msktutil --verbose --auto-update
-- get_default_keytab: Obtaining the default keytab name: FILE:/etc/krb5.keytab
-- create_fake_krb5_conf: Created a fake krb5.conf file: /tmp/.msktkrb5.conf-V1URdr
-- reload: Reloading Kerberos Context
-- finalize_exec: SAM Account Name is: and$
-- try_machine_keytab_princ: Trying to authenticate for and$ from local keytab...
-- try_machine_keytab_princ: Error: krb5_get_init_creds_keytab failed (Preauthentication
failed)
-- try_machine_keytab_princ: Authentication with keytab failed
/usr/sbin/msktutil --verbose --update
-- get_default_keytab: Obtaining the default keytab name: FILE:/etc/krb5.keytab
-- create_fake_krb5_conf: Created a fake krb5.conf file: /tmp/.msktkrb5.conf-QXmuHN
-- reload: Reloading Kerberos Context
-- finalize_exec: SAM Account Name is: and$
-- try_machine_keytab_princ: Trying to authenticate for and$ from local keytab...
-- switch_default_ccache: Using the local credential cache:
FILE:/tmp/.mskt_krb5_ccache-ZChBdy
-- finalize_exec: Authenticated using method 1
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/sssd-users@lists.fedorahost...