Forum Replies Created

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • January 13, 2010 at 9:11 pm in reply to: 10.4.11 Server Soft-Locking every few minutes #377812
    TimBloom
    Participant

    Well, I was looking around on here for a post I made a couple months ago, and saw that I had forgotten about this post. I wanted to post the resolution I had for this.

    I was able to track down that the source of this was an intrusion attempt. Something from outside the network seemed to be hitting the SSH authentication system pretty hard with a brute-force attack. I blocked SSH at the Cisco ASA they have, and disabled SSH on the server. After that the server seems to have straightened up.

    May 27, 2009 at 9:32 pm in reply to: Kerberos errors in 10.4.11 #376316
    TimBloom
    Participant

    I’m having very similar issues. I don’t know weather it started with 10.4.11 or not. I think it originated when we changed the hostname to a proper FQDN using the changeip function. Multiple people setup and maintained this server before I was put in charge of it (of course no information was left to me other than a list of passwords). Kerberos is quite foreign to me, but I’m constantly getting errors of:

    GSSAPI Error: Miscellaneous failure (Server not found in Kerberos database)

    Looking at the machine records in WGM shows them all with the previous hostname listed.

    I’ve seen the OP’s steps listed multiple times and have debated doing it. The services work, but many things like WGM and sometimes login are extremely slow, and the errors pop up in the log generally when those events occur.

    I just have a few questions about the results:
    Is this recommended?
    Will I lose anything in doing this (passwords, bindings, etc..)?
    What precautions beside “Backup everything!” will I need to take to ensure the restore and resurrection goes smoothly?
    Will I be needing to re-bind the client computers to the domain?

    It’s only around 25 client computers.

    This is the firm’s only server and hosts everything for them (mail, directory, websites, firewall, dns, file services, etc..) and they all work directly from it, so if I do this I need to do it right the first time, with minimal downtime. Any other suggestions? Or did the original poster find a workaround?

    Sorry for all the questions, I’d understand the system better if it had been in my hands the entire time, but everyday I’m finding something rigged up in a strange way or broken but somehow still operating. 😐

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
Copyright © 2025 AFP548. All Rights Reserved.