跳转至

IPA 常见故障处理

故障收集

1、跳板机登录服务器报错

org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory Could not chdir to home directory /home/chaichuan: No such file or directory

查看这台服务器messagebus 服务是否开启(需开启)

Bash
1
2
systemctl status messagebus
systemctl start messagebus

2、跳板机登录服务器报错

org.freedesktop.DBus.Error.ServiceUnknown: The name com.redhat.oddjob_mkhomedir was not provided by any .service files

查看这台服务器oddjobd 服务是否开启(需开启)

Bash
1
2
systemctl status oddjobd
systemctl start oddjobd

3、跳板机登陆服务器,不能创建宿主目录

Last login: Tue Jul 15 10:46:02 2025 from 172.16.1.201 Could not chdir to home directory /home/chaichuan: No such file or directory -bash-4.2$

这台服务器配置加入域时未加 --mkhomedir 参数

Bash
1
2
3
# 在报错服务器执行
authconfig --enablemkhomedir --update
# 配置文件为/etc/sysconfig/authconfig

4、跳板机登陆服务器报DNS错误

Hostname (172-26-32-68.ipa.vip) does not have A/AAAA record. Failed to update DNS records.

检查服务器的DNS指向是否正确,hosts是不是添加了记录

Bash
1
2
3
4
5
# cat /etc/resolv.conf 
nameserver 172.26.32.48
nameserver 172.26.32.53
# cat /etc/hosts
172.26.32.68 172-26-32-68.ipa.vip

如果都正确,还是报如上错误,可以重新配置ipa-client,并且登陆https://server.ipa.vip查看这台主机的DNS记录

img

5、跳板机登陆服务器被关闭连接

ssh_exchange_identification: Connection closed by remote host

可以使用dig 查看172-26-32-68.ipa.vip 的DNS是否解析正确的地址172.26.32.68

Bash
1
2
3
jump.ipa.vip [~] 2025-07-15 11:50:38
chaichuan@pts/0 $ dig 172-26-32-68.ipa.vip +short
172.26.32.68

或者如第4个错误,查看ipa页面DNS记录,如有问题,可选择重新安装配置client端加入域

6、跳板机登陆服务器,报凭据错误

jump 32-68 SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No Kerberos credentials available (default cache: KEYRING:persistent:0))

大概是用户本地环境有问题,将/home/chaichuan的目录删除,重新登陆 如果不能解决,使用klist查看票据,发现报错

Bash
1
2
3
jump.ipa.vip [~] 2025-07-15 11:57:18
chaichuan@pts/1 $ klist   # 查看票据
klist: Credentials cache keyring 'persistent:1283600001:krb_ccache_Lg92pdG' not found

可以执行kinit,重新申请一下票据

Bash
1
2
3
4
5
6
7
8
9
chaichuan@pts/1 $ kinit   # kinit 重新获取票据
Password for chaichuan@IPA.VIP:  # 输入用户chaichuan密码
jump.ipa.vip [~] 2025-07-15 11:59:29
chaichuan@pts/1 $ klist   # 再次查看票据
Ticket cache: KEYRING:persistent:1283600001:krb_ccache_Lg92pdG
Default principal: chaichuan@IPA.VIP

Valid starting       Expires              Service principal
2025-07-15T11:59:29  2025-07-16T11:59:19  krbtgt/IPA.TEST@IPA.VIP