| SpaceBass | Hummm not seeing anything on the server | 00:06 |
|---|---|---|
| SpaceBass | And I did a packet capture and the traffic looks normal to my novice eye | 00:06 |
| sergiodj | SpaceBass: does it look like this: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1934997 ? | 00:06 |
| ubottu | Launchpad bug 1934997 in sssd (Ubuntu) "Authentication fails after upgrading sssd to 2.2.3-3ubuntu0.6" [High, Triaged] | 00:06 |
| SpaceBass | Hummmm that could be it! I'm auth'ing against samba4 too and the one thing I'm seeing on the firewall is a lot of repeat packets | 00:07 |
| sergiodj | SpaceBass: hm, alright. it'd be great if you could enable debug on sssd and check for the GPO errors listed in the bug | 00:08 |
| SpaceBass | I've got debug enabled and the logs show literally nothing | 00:08 |
| sergiodj | but otherwise, yeah, this is on my radar and upstream has recently fixed it. I will work on backporting the patch soon | 00:08 |
| sergiodj | oh :-/ | 00:08 |
| SpaceBass | I'll try enabling the goo option | 00:08 |
| SpaceBass | gpo | 00:09 |
| sarnold | any chance you're tailing the wrong file? sometimes apps lose a race with logfile rotation and tail -F sees the new file but the application never writes into it.. | 00:09 |
| sarnold | hah, that first sentence wasn't quite right.. | 00:09 |
| sergiodj | you can try setting ad_gpo_access_control to "permissive" and see if it solves the problem. this is the current workaround | 00:09 |
| SpaceBass | I dont use GPOs anyway so easy thing to add | 00:09 |
| SpaceBass | sergiodj, FWIW auth is also VERY slow... not true on any other boxes | 00:20 |
| sarnold | "broken dns" slow? | 00:20 |
| SpaceBass | Query time: 3 msec | 00:24 |
| sarnold | hah, so it's not glibc spending five seconds waiting for a response that's never coming.. | 00:24 |
| SpaceBass | Whew! | 00:26 |
| SpaceBass | Just timed it... id username takes 6 seconds | 00:27 |
| sergiodj | SpaceBass: did the workaround work? | 00:33 |
| SpaceBass | sergiodj, hard to know | 00:35 |
| SpaceBass | I'm rebooting a few times to check | 00:35 |
| sergiodj | OK | 00:35 |
| sergiodj | I'm calling it a day now but feel free to leave a comment on the bug if you're able to confirm that it's indeed what's going on | 00:36 |
| sergiodj | or to file a new bug if you think it's something else | 00:36 |
| SpaceBass | Ok... so far, out of 3 reboots, it is working AND boot time is much much faster | 00:36 |
| SpaceBass | sergiodj, thank you for the help and your work on the bug - I think we can confirm the workaround works for me | 00:37 |
| sergiodj | SpaceBass: awesome | 00:37 |
| sergiodj | I'll work on backporting the patch tomorrow | 00:37 |
| SpaceBass | That's amazing! | 00:40 |
| === amurray_ is now known as amurray | ||
| === blahdeblah_ is now known as blahdeblah | ||
| === axino` is now known as axino | ||
| kanashiro | ahasenack, there is a haproxy MP adding some dep8 tests up for review, I believe you'd be a great reviewer :) | 20:48 |
| ahasenack | oh, love it | 20:48 |
| kanashiro | I'll be out tomorrow and Firday, so I'll get back to it on Monday | 20:49 |
| kanashiro | no rush | 20:49 |
| kanashiro | just a heads-up | 20:49 |
| ahasenack | kanashiro: are you taking the holiday tomorrow? What about Friday? | 20:50 |
| kanashiro | Friday I am on PTO | 20:50 |
| ahasenack | kanashiro: and holiday tomorrow, right? | 20:56 |
| kanashiro | yes | 21:02 |
| === genius3k is now known as genius3000 | ||
| === blackboxsw_ is now known as blackboxsw | ||
| === jchittum_ is now known as jchittum | ||
| === StoneMonarch_ is now known as StoneMonarch | ||
| === t4cc0re_ is now known as t4cc0re | ||
| === Thumpxr9 is now known as Thumpxr | ||
| === englishm_ is now known as englishm | ||
| === jinky is now known as jink | ||
| === octav1a_ is now known as octav1a | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!