Turning SSSD debug logging up to 9 gives the following errors:
Code: Select all
tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = KDC has no support for encryption type.
...
(2021-03-16 14:10:01): [be[domain]] [nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status [512]
(2021-03-16 14:10:01): [be[domain]] [be_nsupdate_done] (0x0040): nsupdate child execution failed [1432158240]: Dynamic DNS update failed
(2021-03-16 14:10:01): [be[domain]] [ad_dyndns_sdap_update_done] (0x0040): Dynamic DNS update failed [1432158240]: Dynamic DNS update failed
(2021-03-16 14:10:01): [be[domain]] [sdap_id_op_destroy] (0x4000): releasing operation connection
(2021-03-16 14:10:01): [be[domain]] [be_ptask_done] (0x0040): Task [Dyndns update]: failed with [1432158240]: Dynamic DNS update failed
We are setting ad_hostname to the FQDN of the VM in sssd.conf and the VMs are configured with static IP addresses. VMs deployed from the previous version of the template (with SSSD v.2.2.3) can still register DNS entries, but as soon as they are updated to SSSD v.2.3.0 they start to fail.
Can anyone please suggest a workaround or resolution? I am assuming that this is related to the SSSD update, but cannot find any helpful information on the Web.
Many thanks, Doc.