Header Shadow Image

Archive for February, 2018

GlusterFS: Configuration and Setup w/ NFS-Ganesha for an HA NFS Cluster

In this post we will go over how to setup a highly available NFS Cluster using: GlusterFS NFS Ganesha CentOS 7  HAPROXY keepalived firewalld selinux This post is very lengthy and goes over quite a few details on the way to configuring this setup.  We document virtually every step including how to build out a [...]

Replication bind with GSSAPI auth failed: LDAP error 49 (Invalid credentials) ()

FreeIPA replication failes for about 13 minutes with no activity on the first IDM server.  Not clear why at first. Feb 12 10:06:56 idmipa01 named-pkcs11[2529]: zone nix.mds.xyz/IN: sending notifies (serial 1518448016) Feb 12 10:07:06 idmipa01 named-pkcs11[2529]: error (chase DS servers) resolving 'mds.xyz/DS/IN': Feb 12 10:07:14 idmipa01 ns-slapd: [12/Feb/2018:10:07:14.130840773 -0500] – ERR – NSMMReplicationPlugin – [...]

Getting asked for password when using host shortname with kerberos delegation

When trying to ssh into a host using the server's short name, you get challenged or asked for a password.  You need to set the following to:   First item to set is the following: dns_canonicalize_hostname = true in /etc/krb5.conf.  It will then prevent from asking a password.  Using the server's FQDN will work without issues.   [...]

kinit: Cannot find KDC for realm while getting initial credentials

Problem is that you need  dns_lookup_kdc = true in your /etc/krb5.conf under the [libdefaults] section file: [root@mysql01 ~]# kinit tom@mds.xyz kinit: Cannot find KDC for realm "mds.xyz" while getting initial credentials [root@mysql01 ~]# [root@mysql01 ~]# vi /etc/krb5.conf [root@mysql01 ~]# systemctl restart sssd [root@mysql01 ~]# kinit tom@mds.xyz Password for tom@mds.xyz: [root@mysql01 ~]# Cheers, TK  

  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License