Dynamic DNS feature in SSSD fails to update DNS entries with the error below. Thus DNS Scavenging in DNS scavenge lots of DNS entries from DNS.
dns_request_getresponse: request 0x7f9be03b7010 GSS verify error: GSSAPI error: Major = A token had an invalid Message Integrity Check (MIC), Minor = Packet was replayed in wrong direction. tsig key '3852538182.sig-dc001.example.com' (<null>): signature failed to verify(1) ; TSIG error with server: tsig verify failure
We have the following sssd.conf configuration in place :
[domain/ad.example.com] id_provider = ad auth_provider = ad chpass_provider = ad access_provider = ad ldap_schema = ad dyndns_update = true dyndns_refresh_interval = 43200 dyndns_upd ate_ptr = true dyndns_ttl = 3600
Red Hat Enterprise Linux 7.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.