[Freeipa-devel] Strange issue I keep hitting with invalid tickets
Michael Gregg
mgregg at redhat.com
Tue Jul 31 21:50:06 UTC 2012
I am not sure why, but when I let my ipa machines sit around for a
while(overnight-24hours), and then kinit. When I try to run IPA commands
I get output like this:
[root at zippyvm12 ~]# ipa host-find
ipa: ERROR: Local error: SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information
(Ticket not yet valid)
This issue seems to be addressed here:
https://access.redhat.com/knowledge/solutions/133433
It's strange, because when I kinit again, I seem to have a valid
credentials, like here:
[root at zippyvm12 ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin at TESTRELM.COM
Valid starting Expires Service principal
07/31/12 17:31:16 08/01/12 17:31:14 krbtgt/TESTRELM.COM at TESTRELM.COM
07/31/12 17:32:39 08/01/12 17:31:14
HTTP/zippyvm12.testrelm.com at TESTRELM.COM
The work around for me seems to be deleting /tmp/krb5*
Then, I kinit again, and it all starts to work again.
My question is, why is this happening? Any ideas?
Michael-
More information about the Freeipa-devel
mailing list