Then I suspect automounter used to use the ldap module and then was
not restarted after nsswitch.conf was set to include sss. Because the
error messages like include error messages directly from libldap and I
wouldn't expect to see those with sssd..

Hello,

To add to previous mail, I have noticed this:

I had two IPA, hydrogen and lithium. lithium died and will be resetting
another soon after I find why the setup isn't redundant with one IPA. But
this line seem to be a lead

Working:
ipa_server = _srv_, hydrogen.eng.example.com

Failing:
ipa_server = _srv_, lithium.eng.example.com

Have read on that format and seem fine from the reading. To add on that,
DNS records seem to be fine too.


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3 <<>> SRV _ldap._
tcp.eng.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;_ldap._tcp.eng.example.com. IN SRV

;; ANSWER SECTION:
_ldap._tcp.eng.example.com. 86400 IN SRV 0 100 389
hydrogen.eng.example.com.
_ldap._tcp.eng.example.com. 86400 IN SRV 0 100 389
lithium.eng.example.com.

;; AUTHORITY SECTION:
eng.example.com. 86400 IN NS hydrogen.eng.example.com.
eng.example.com. 86400 IN NS lithium.eng.example.com.

;; ADDITIONAL SECTION:
lithium.eng.example.com. 1200 IN A 192.168.20.3
hydrogen.eng.example.com. 1200 IN A 192.168.20.1

;; Query time: 1 msec
;; SERVER: 192.168.20.1#53(192.168.20.1)
;; WHEN: Tue Mar 14 18:32:44 2017
;; MSG SIZE rcvd: 200


What could I be missing?

Regards,
William