{"id":2806,"date":"2026-03-27T12:04:59","date_gmt":"2026-03-27T11:04:59","guid":{"rendered":"https:\/\/yellotab.se\/x056\/?p=2806"},"modified":"2026-03-27T12:16:46","modified_gmt":"2026-03-27T11:16:46","slug":"system-optimering-freeipa","status":"publish","type":"post","link":"https:\/\/yellotab.se\/x056\/2026\/03\/27\/system-optimering-freeipa\/","title":{"rendered":"System optimering FreeIPA"},"content":{"rendered":"\n<h1 class=\"wp-block-heading\">\u26a0\ufe0f Viktig konsekvens<\/h1>\n\n\n\n<pre class=\"wp-block-preformatted\">Efter installation upplevdes en n\u00e5got l\u00e5ngsam inloggning, och \u00e4ven att sidor tog en l\u00e4ngre tid \u00e4n f\u00f6rv\u00e4ntat. Efter lite fels\u00f6kning verkar det som kerboros inte har r\u00e4tt certifikat och timar ut.<\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Detta \u00e4r en <strong>workaround<\/strong> (men helt OK i ditt l\u00e4ge)<\/pre>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83d\udd25 Extra (f\u00f6r UI-laggen du s\u00e5g)<\/h1>\n\n\n\n<p>Samma princip g\u00e4ller:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>web UI \u2192 snabbare nu n\u00e4r Kerberos \u00e4r fixat<\/li>\n\n\n\n<li>ev kvarvarande delay \u2192 DNS (SRV\/PTR)<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83d\udd25 Trolig root cause i ditt fall<\/h1>\n\n\n\n<p>\ud83d\udc49 90% sannolikhet:<\/p>\n\n\n\n<p><strong>saknad PTR + SRV i DNS \u2192 timeout \u2192 UI lagg<\/strong><\/p>\n\n\n\n<p>Eftersom:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AdGuard HA saknar full DNS-funktion<\/li>\n\n\n\n<li>FreeIPA f\u00f6rv\u00e4ntar sig enterprise-DNS<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83c\udfaf Trolig orsak i din setup<\/h1>\n\n\n\n<p>Du k\u00f6r:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>FreeIPA utan egen DNS<\/li>\n\n\n\n<li><strong>AdGuard Home<\/strong> (HA add-on, begr\u00e4nsad DNS)<\/li>\n<\/ul>\n\n\n\n<p>\ud83d\udc49 D\u00e5 saknas troligen:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u274c PTR (reverse DNS)<\/li>\n\n\n\n<li>\u274c SRV records (_kerberos, _ldap)<\/li>\n<\/ul>\n\n\n\n<p>\ud83d\udc49 Resultat:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Kerberos f\u00f6rs\u00f6ker auto-discover \u2192 timeout \u2192 retry \u2192 delay (~5\u201310 sek)<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83d\udd25 Snabb fix (g\u00f6r detta f\u00f6rst)<\/h1>\n\n\n\n<h2 class=\"wp-block-heading\">1\ufe0f\u20e3 L\u00e4gg till i <code class=\"\" data-line=\"\">\/etc\/hosts<\/code><\/h2>\n\n\n\n<p>P\u00e5 IPA-servern:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"\" data-line=\"\">nano \/etc\/hosts<\/code><\/pre>\n\n\n\n<p>L\u00e4gg till:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"\" data-line=\"\">192.168.1.16 ipa.home.jidoka.se ipa<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">2\ufe0f\u20e3 L\u00e4gg till i <code class=\"\" data-line=\"\">\/etc\/krb5.conf<\/code> (tvinga Kerberos att inte anv\u00e4nda DNS)<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"\" data-line=\"\">dns_lookup_kdc = false\ndns_lookup_realm = false<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u26a0\ufe0f Viktig konsekvens Efter installation upplevdes en n\u00e5got l\u00e5ngsam inloggning, och \u00e4ven att sidor tog en l\u00e4ngre tid \u00e4n f\u00f6rv\u00e4ntat. Efter lite fels\u00f6kning verkar det som kerboros inte har r\u00e4tt certifikat och timar ut. Detta \u00e4r en workaround (men helt OK i ditt l\u00e4ge) \ud83d\udd25 Extra (f\u00f6r UI-laggen du s\u00e5g) Samma princip g\u00e4ller: \ud83d\udd25 Trolig [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2806","post","type-post","status-publish","format-standard","hentry","category-news"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/posts\/2806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/comments?post=2806"}],"version-history":[{"count":4,"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/posts\/2806\/revisions"}],"predecessor-version":[{"id":2811,"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/posts\/2806\/revisions\/2811"}],"wp:attachment":[{"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/media?parent=2806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/categories?post=2806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yellotab.se\/x056\/wp-json\/wp\/v2\/tags?post=2806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}