AD authentication via sssd not working, sssd going offline with "SASL: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (KDC reply did not match expectations)"

Solution In Progress - Updated -

Issue

  • Unable to autheticate as AD users, SSSD is going offline with "SASL: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (KDC reply did not match expectations)"
(Wed Mar 28 14:26:03 2018) [sssd[be[example.com]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: RHEL7$
(Wed Mar 28 14:26:04 2018) [sssd[be[example.com]]] [ad_sasl_log] (0x0040): SASL: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (KDC reply did not match expectations)
(Wed Mar 28 14:26:04 2018) [sssd[be[example.com]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error]
(Wed Mar 28 14:26:04 2018) [sssd[be[example.com]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (KDC reply did not match expectations)]
(Wed Mar 28 14:26:04 2018) [sssd[be[example.com]]] [sdap_cli_connect_recv] (0x0040): Unable to establish connection [1432158226]: Authentication Failed
(Wed Mar 28 14:26:04 2018) [sssd[be[example.com]]] [_be_fo_set_port_status] (0x8000): Setting status: PORT_NOT_WORKING. Called from: src/providers/ldap/sdap_async_connection.c: sdap_cli_connect_recv: 2048
(Wed Mar 28 14:26:04 2018) [sssd[be[example.com]]] [fo_set_port_status] (0x0100): Marking port 0 of server 'adserver.example.com' as 'not working'
...
(Wed Mar 28 14:28:27 2018) [sssd[be[example.com]]] [be_resolve_server_done] (0x1000): Server resolution failed: [5]: Input/output error
(Wed Mar 28 14:28:27 2018) [sssd[be[example.com]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error])
(Wed Mar 28 14:28:27 2018) [sssd[be[example.com]]] [be_mark_offline] (0x2000): Going offline!

Environment

  • Red Hat Enterprise Linux(RHEL) 6.x/7.x
  • SSSD

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.