| === Goop is now known as fccccccllgvcuiuv | ||
| === fccccccllgvcuiuv is now known as Goop | ||
| === Goop is now known as YourMom | ||
| === YourMom is now known as Goop | ||
| lordievader | Good morning | 07:11 |
|---|---|---|
| azidhaka | hi | 08:44 |
| azidhaka | I have two identical NAS devices, exposing their storage as iscsi target. What is the recommended way to use them simultaneously and synchronous for storage so both contain the same information? lsyncd? drbd? unionfs? | 08:47 |
| === jelly-home is now known as jelly | ||
| === Napsterbater_ is now known as Napsterbater | ||
| g3poandlsl | I have successfully joined a Ubuntu 18.04 server to an active directory domain with realmd and sssd following this guide: https://www.smbadmin.com/2018/06/connecting-ubuntu-server-1804-to-active.htm | 16:18 |
| g3poandlsl | I can get tickets with kinit just fine, and id (username) returns UID and GIDs from LDAP as expected. However, when I try to log in with an active directory user account, the login fails. | 16:18 |
| g3poandlsl | Logs show pam_unix(login:auth) authentication failure, followed by pam_sss(login:auth) authentication success | 16:19 |
| g3poandlsl | The login prompt will just hang for about a minute after entering the credentials of an active directory account. Local accounts work just fine | 16:20 |
| arif-ali | g3poandlsl, have you increased you debugging levels, to see what else the problem may be. That's the first place to look. I have done realmd/sssd a few times in the past, and it does work well. It may also be useful to check 'getent passwd <userid>' for a user that you know exists | 17:11 |
| g3poandlsl | arif-ali, Thanks. I'll try increasing log levels. getent passwd <knownuser> returns no output. I have a feeling this may have to do with PAM modules | 18:01 |
| g3poandlsl | I take back what I said about getent passwd. After reverting a snapshot and re-joining the domain 'getent passwd' returns appropriate output | 18:33 |
| RoyK | what did you do before snapshotting? | 18:38 |
| === led2 is now known as led1 | ||
| g3poandlsl | installed Ubuntu, installed updates, set hostname | 18:51 |
| g3poandlsl | how would one go about increasing the log level of [login] events | 19:28 |
| sarnold | normally the syslog levels of events are set in the source; you select which levels you want to log, and sometimes it's not perfect | 19:32 |
| RoyK | g3poandlsl: usually the defaults are fine - but if you reinstalled the machine, you may want to look through the config | 19:42 |
| axisys | how to generate snmp alerts for ubuntu system level check? | 19:47 |
| axisys | there is a remote snmp trap servers | 19:47 |
| * RoyK just uses snmp polling | 19:51 | |
| axisys | eng team wants to receive traps | 19:51 |
| axisys | probably works better for firewall since we have 100s of servers to monitor? | 19:52 |
| RoyK | well, google it - seems to be a lot of sources there | 19:52 |
| axisys | RoyK: right, doing so.. but any suggestion is also appreciated.. did not see any #snmp channel | 19:52 |
| g3poandlsl | RoyK, ok, because I have increased the SSSD and PAM log level and am not seeing anything extra in journalctl for login events | 19:53 |
| RoyK | check /var/log/auth.log | 19:54 |
| g3poandlsl | /var/log/auth.log contains the same entries as journalctl (pertaining to login event) | 19:57 |
| g3poandlsl | the line I have a problem with is login[1211]: Authentication service cannot retrieve authentication info | 20:08 |
| g3poandlsl | I would like to troubleshoot at what point and for what reason auth info cannot be retrieved | 20:09 |
| sarnold | can you reproduce it? | 20:10 |
| g3poandlsl | yes | 20:11 |
| sarnold | ah good :) I'd first try to attach strace to the daemon process that will try to perform the login, then try the login, and see what the strace returns | 20:12 |
| g3poandlsl | sarnold, thanks for the tip. I ran strace on the login process and I'm a bit unsure how to interpret the output | 20:21 |
| sarnold | g3poandlsl: the usual trick is to start near the end of the trace and read backwards until you find the error message being logged; the error will probably be nearby, a bit ahead of that | 20:23 |
| g3poandlsl | I narrowed down the problem to an entry in /etc/pam.d/common-account. The offending line is 'account[default=bad success=ok user_unknown=ignore]pam_sss.so' | 21:12 |
| axisys | I just install snmp, snmpd and snmp-mibs-downloader and I am getting no result from snmpwalk | 21:12 |
| axisys | # snmpwalk -v 2c -c public localhost system | 21:13 |
| axisys | Timeout: No Response from localhost | 21:13 |
| g3poandlsl | Logins still hang for a while but eventually succeed if I change default=bad to default=ignore | 21:13 |
| === ysch_ is now known as ysch | ||
| ChmEarl | v libssh-4 | 23:13 |
| === Napsterbater is now known as Guest20588 | ||
| === Napsterbater_ is now known as Napsterbater | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!