[Freeipa-devel] freeIPA + Fedora 9 + xen , can't get passed ipa-finduser admin
Simo Sorce
ssorce at redhat.com
Mon May 19 18:02:44 UTC 2008
On Mon, 2008-05-19 at 13:06 -0400, Jaakan Shorter wrote:
> the servers name is freeIPA.test.net and not freeipa.test.net
DNS names are caseless, freeipa == FREEIPA == freeIPA in theory
> i just noiced this following line is not in caps when all the other ones are.
>
> "dn: krbprincipalname=kadmin/freeipa.test.net at TEST.NET,cn=TEST.NET,cn=
> kerberos,dc=test,dc=net"
>
> how would I fix the principalname? and should the principalname match
> the server name?
this is the only "correct" principal, the problem is with other
principals havin capital letters I believe.
The kerberos code expects all lowercase name I think.
You could use ldapmodify or an ldap browsing tool to change the
krbprincipalname attribute.
> Want me to do an uninstall and rename the server name in lower case
> and see if it's ok with that?
I think that would solve the issue, would you mind opening a bug in
bugzilla.redhat.com for the FreeIPA component?
We should handle this situation by normalizing the names before passing
them down the stack.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list