Details
-
Bug
-
Status: Engineering Closed (View Workflow)
-
Low
-
Resolution: Duplicate
-
None
-
None
-
None
Description
Attempting to add TrueNAS as a client in a FreeIPA environment works until you try to set encryption to ON, then it fails with;
'str' object has no attribute '__name__'
The console log outputs;
python3.8 300 - - GSSAPI Error: Miscellaneous failure (see text)/krb5cc_0 (Empty credential cache file: /tmp/krb5cc_0)
The LDAP health indicator after this appears to be normal.
The FreeIPA server is healthy, and I am able to successfully run kinit from the console/SSH
I have been unable to try START_TLS as the procedure for importing the IPA CA is extremely unclear in the documentation.
Configuring in the UI without enabling ldap and then running;
midclt ldap.start
results in the following;
LDAP
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 137, in call_method
result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self,
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1195,in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/ldap.py", line 955, in start
await self.middleware.call('kerberos.start')
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1238,in call
return await self._call(
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1195,in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/kerberos.py", line 577, in start
await asyncio.wait_for(self._kinit(), timeout=kinit_timeout)
File "/usr/local/lib/python3.8/asyncio/tasks.py", line 494, in wait_for
return fut.result()
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/kerberos.py", line 322, in _kinit
await self.do_kinit(ldap)
I have been unable to locate a kerberos log on the TrueNAS server to troubleshoot further.
