On Tue, 1 Dec 2015, Thackeray, Neil L wrote:
I’m having this problem as well. This is only happening on Ubuntu
machines for me, the RedHat and CentOS machines don’t seem to have this issue. I was
starting to think this might be a problem with Kerberos libraries or something, otherwise
I can’t understand why it wouldn’t work only on Ubuntu.
I monitor when one of my servers loses contact with the AD by running a cron script every
10 minutes:
#!/bin/bash
HOST=`hostname`
TST=`kinit -k 'SERVERNAME $(a)AD.MYDOMAIN.COM' 2>&1`
if [ "$TST" != "" ]; then
logger -p user.crit "SSSD AUTH ERROR: [$DATE] $TST on $HOST"
DATE=`date`
echo "[$DATE]" $TST>>/root/sssd-weirdness.txt
fi
Have you got something in AD mandating machine password changes, or do you
have something like msktutil running doing it for you?
jh