=== Goop is now known as fccccccllgvcuiuv
=== fccccccllgvcuiuv is now known as Goop
=== Goop is now known as YourMom
=== YourMom is now known as Goop
lordievaderGood morning07:11
azidhakaI have two identical NAS devices, exposing their storage as iscsi target. What is the recommended way to use them simultaneously and synchronous for storage so both contain the same information? lsyncd? drbd? unionfs?08:47
=== jelly-home is now known as jelly
=== Napsterbater_ is now known as Napsterbater
g3poandlslI have successfully joined a Ubuntu 18.04 server to an active directory domain with realmd and sssd following this guide: https://www.smbadmin.com/2018/06/connecting-ubuntu-server-1804-to-active.htm16:18
g3poandlslI can get tickets with kinit just fine, and id (username) returns UID and GIDs from LDAP as expected.  However, when I try to log in with an active directory user account, the login fails.16:18
g3poandlslLogs show pam_unix(login:auth) authentication failure, followed by pam_sss(login:auth) authentication success16:19
g3poandlslThe login prompt will just hang for about a minute after entering the credentials of an active directory account.  Local accounts work just fine16:20
arif-alig3poandlsl, have you increased you debugging levels, to see what else the problem may be. That's the first place to look. I have done realmd/sssd a few times in the past, and it does work well. It may also be useful to check 'getent passwd <userid>' for a user that you know exists17:11
g3poandlslarif-ali, Thanks. I'll try increasing log levels.  getent passwd <knownuser> returns no output.  I have a feeling this may have to do with PAM modules18:01
g3poandlslI take back what I said about getent passwd.  After reverting a snapshot and re-joining the domain 'getent passwd' returns appropriate output18:33
RoyKwhat did you do before snapshotting?18:38
=== led2 is now known as led1
g3poandlslinstalled Ubuntu, installed updates, set hostname18:51
g3poandlslhow would one go about increasing the log level of [login] events19:28
sarnoldnormally the syslog levels of events are set in the source; you select which levels you want to log, and sometimes it's not perfect19:32
RoyKg3poandlsl: usually the defaults are fine - but if you reinstalled the machine, you may want to look through the config19:42
axisyshow to generate snmp alerts for ubuntu system level check?19:47
axisysthere is a remote snmp trap servers19:47
* RoyK just uses snmp polling19:51
axisyseng team wants to receive traps19:51
axisysprobably works better for firewall since we have 100s of servers to monitor?19:52
RoyKwell, google it - seems to be a lot of sources there19:52
axisysRoyK: right, doing so.. but any suggestion is also appreciated.. did not see any #snmp channel19:52
g3poandlslRoyK, ok, because I have increased the SSSD and PAM log level and am not seeing anything extra in journalctl for login events19:53
RoyKcheck /var/log/auth.log19:54
g3poandlsl /var/log/auth.log contains the same entries as journalctl (pertaining to login event)19:57
g3poandlslthe line I have a problem with is login[1211]: Authentication service cannot retrieve authentication info20:08
g3poandlslI would like to troubleshoot at what point and for what reason auth info cannot be retrieved20:09
sarnoldcan you reproduce it?20:10
sarnoldah good :) I'd first try to attach strace to the daemon process that will try to perform the login, then try the login, and see what the strace returns20:12
g3poandlslsarnold, thanks for the tip. I ran strace on the login process and I'm a bit unsure how to interpret the output20:21
sarnoldg3poandlsl: the usual trick is to start near the end of the trace and read backwards until you find the error message being logged; the error will probably be nearby, a bit ahead of that20:23
g3poandlslI narrowed down the problem to an entry in /etc/pam.d/common-account. The offending line is 'account[default=bad success=ok user_unknown=ignore]pam_sss.so'21:12
axisysI just install snmp, snmpd and snmp-mibs-downloader and I am getting no result from snmpwalk21:12
axisys# snmpwalk  -v 2c -c public localhost system21:13
axisysTimeout: No Response from localhost21:13
g3poandlslLogins still hang for a while but eventually succeed if I change default=bad to default=ignore21:13
=== ysch_ is now known as ysch
ChmEarlv libssh-423:13
=== Napsterbater is now known as Guest20588
=== Napsterbater_ is now known as Napsterbater

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!