Tools/Manuals/TS26
< Tools
Jump to navigation
Jump to search
Revision as of 09:23, 31 March 2011 by Aesch (talk | contribs) (Created page with '{{TOC_right}} Category:FAQ ------ Back to Troubleshooting Guide ------ = No valid credential found ... System error = == Full message…')
Back to Troubleshooting Guide
No valid credential found ... System error
Full message
$ export LFC_HOST=lfc_alias.some_domain $ lfc-ls /grid/ send2nsd: NS002 - send error : No valid credential found /grid/: System error
Diagnosis
This probably is due to a DNS problem: the alias for the LFC host is resolved to the IP address of the real host, but the reverse lookup of the IP address points back to the alias instead of the real host. This problem has been observed for old versions of nscd (which may run on the UI), but also a standard named may be misconfigured or otherwise in bad shape. Verify that /etc/resolv.conf only includes the desired name servers for your site.
To get more information out of commands like lfc-ls you can do this:
( export CSEC_TRACE=1 ; lfc-ls /grid )
For the case at hand the stderr would include a diagnostic like this:
ERROR: initializing context: GSS Error: GSS Major Status: Unexpected Gatekeeper or Service Name MECH Error: GSS Minor Status Error Chain: init_sec_context.c:251: gss_init_sec_context: Mutual authentication failed: The target name (/C=FOO/O=BAR/OU=XYZ/L=ABC/CN=real_hostname.some_domain) in the context, and the target name (/CN=host/lfc_alias.some_domain) passed to the function do not match