Not sure if this belongs under networking or under security.
For about 6 months I've had a series of my Centos 7 servers configured with realmd / sssd to allow user authentication against my active directory domain. This has worked exceptionally well with little problems.
The past few days, a few servers have started hammering active directory attempting to authenticate a non-existent account, "host". At first, I thought perhaps someone was attempting to log in through sshd as "host", but, checking the log files on these servers, I see dozens of the following error messages in my log file, roughly every 5 minutes:
gssproxy[pid]: (OID: { 1 2 840 113554 1 2 2 }) Unspecified GSS failure. Minor code may provide more information,
Client 'host/myhostname.mydomain.com@mydomain.com' not found in Kerberos database
I have a dozen other servers which are set up the exact same way which are not generating this error. I have no idea what is causing it, or how to rectify it. I've tried removing the machine from AD (realm leave) and re-adding it, doesn't fix the problem.
I should note that the system seems to be operating normally (people logging in etc)
Any assistance would be appreciated.
gssproxy/gss failure spamming AD
-
- Posts: 38
- Joined: 2017/02/16 16:41:29
Re: gssproxy/gss failure spamming AD
Bump.
Anyone?
For the moment, I removed the nfs-server and nfs-client conf files in /etc/gssproxy, which seems to eliminate the error... but I have no idea why it is occurring on this machine to begin with, since I do not use kerberos authentication with nfs at all anywhere.
Anyone?
For the moment, I removed the nfs-server and nfs-client conf files in /etc/gssproxy, which seems to eliminate the error... but I have no idea why it is occurring on this machine to begin with, since I do not use kerberos authentication with nfs at all anywhere.