Professional Documents
Culture Documents
& Troubleshooting
FreeIPA Server
Mandatory
Optional
Discussion
How are the parts integrated, how do they communicate?
Where all the components logs, how do we control them?
LDAP PKI
DB
3
7 Apache 2 $ ipa cert-show 1
Troubleshooting
KDC 1) host, ping, iptables
2) LDAP access log, BIND log
4 3) KRB5_TRACE=/dev/stdout, KDC log
LDAP
4) LDAP access log
5) Apache error log, ipa -vvv, strace
FreeIPA Server 6) Apache access log, PKI logs
7) LDAP access log
FreeIPA Server
Network Boundary
Backend
Cache
Process
nss_sss
Client
“login” PAM Auth Authentication
Responder Provider Server
SSSD
Network Boundary
5
Backend
Cache
Process
nss_sss
Client
“login” PAM Auth Authentication
Responder Provider Server
SSSD
Network Boundary
5
Backend
1 Cache
Process
nss_sss
pam_sss
PAM Auth Authentication
Client Responder Provider Server
6 7 8
“login”
SSSD