[00:06] <SpaceBass> Hummm not seeing anything on the server 
[00:06] <SpaceBass> And I did a packet capture and the traffic looks normal to my novice eye
[00:06] <sergiodj> SpaceBass: does it look like this: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1934997 ?
[00:06] <ubottu> Launchpad bug 1934997 in sssd (Ubuntu) "Authentication fails after upgrading sssd to 2.2.3-3ubuntu0.6" [High, Triaged]
[00:07] <SpaceBass> Hummmm that could be it! I'm auth'ing against samba4 too and the one thing I'm seeing on the firewall is a lot of repeat packets 
[00:08] <sergiodj> SpaceBass: hm, alright.  it'd be great if you could enable debug on sssd and check for the GPO errors listed in the bug
[00:08] <SpaceBass> I've got debug enabled and the logs show literally nothing 
[00:08] <sergiodj> but otherwise, yeah, this is on my radar and upstream has recently fixed it.  I will work on backporting the patch soon
[00:08] <sergiodj> oh :-/
[00:08] <SpaceBass> I'll try enabling the goo option 
[00:09] <SpaceBass> gpo 
[00:09] <sarnold> any chance you're tailing the wrong file? sometimes apps lose a race with logfile rotation and tail -F sees the new file but the application never writes into it..
[00:09] <sarnold> hah, that first sentence wasn't quite right..
[00:09] <sergiodj> you can try setting ad_gpo_access_control to "permissive" and see if it solves the problem.  this is the current workaround
[00:09] <SpaceBass> I dont use GPOs anyway so easy thing to add
[00:20] <SpaceBass> sergiodj, FWIW auth is also VERY slow... not true on any other boxes 
[00:20] <sarnold> "broken dns" slow?
[00:24] <SpaceBass> Query time: 3 msec
[00:24] <sarnold> hah, so it's not glibc spending five seconds waiting for a response that's never coming..
[00:26] <SpaceBass> Whew! 
[00:27] <SpaceBass> Just timed it... id username takes 6 seconds
[00:33] <sergiodj> SpaceBass: did the workaround work?
[00:35] <SpaceBass> sergiodj, hard to know
[00:35] <SpaceBass> I'm rebooting a few times to check
[00:35] <sergiodj> OK
[00:36] <sergiodj> I'm calling it a day now but feel free to leave a comment on the bug if you're able to confirm that it's indeed what's going on
[00:36] <sergiodj> or to file a new bug if you think it's something else
[00:36] <SpaceBass> Ok... so far, out of 3 reboots, it is working AND boot time is much much faster
[00:37] <SpaceBass> sergiodj, thank you for the help and your work on the bug - I think we can confirm the workaround works for me
[00:37] <sergiodj> SpaceBass: awesome
[00:37] <sergiodj> I'll work on backporting the patch tomorrow
[00:40] <SpaceBass> That's amazing! 
=== amurray_ is now known as amurray
=== blahdeblah_ is now known as blahdeblah
=== axino` is now known as axino
[20:48] <kanashiro> ahasenack, there is a haproxy MP adding some dep8 tests up for review, I believe you'd be a great reviewer :)
[20:48] <ahasenack> oh, love it
[20:49] <kanashiro> I'll be out tomorrow and Firday, so I'll get back to it on Monday
[20:49] <kanashiro> no rush
[20:49] <kanashiro> just a heads-up
[20:50] <ahasenack> kanashiro: are you taking the holiday tomorrow? What about Friday?
[20:50] <kanashiro> Friday I am on PTO
[20:56] <ahasenack> kanashiro: and holiday tomorrow, right?
[21:02] <kanashiro> yes
=== genius3k is now known as genius3000
=== blackboxsw_ is now known as blackboxsw
=== jchittum_ is now known as jchittum
=== StoneMonarch_ is now known as StoneMonarch
=== t4cc0re_ is now known as t4cc0re
=== Thumpxr9 is now known as Thumpxr
=== englishm_ is now known as englishm
=== jinky is now known as jink
=== octav1a_ is now known as octav1a