[Freeipa-users] sudden ipa errors.

Nathan Lager lagern at lafayette.edu
Wed Aug 22 18:35:33 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I tried the same, kinit, and then ipa passwd commands as before,
here's the output:

Aug 22 14:32:13 ipaserver.lafayette.edu krb5kdc[1438](info): AS_REQ (4
etypes {18 17 16 23}) ipa-servers-ip: NEEDED_PREAUTH:
lagern at SYSTEMS.LAFAYETTE.EDU for
krbtgt/SYSTEMS.LAFAYETTE.EDU at SYSTEMS.LAFAYETTE.EDU, Additional
pre-authentication required

Aug 22 14:32:19 ipaserver.lafayette.edu krb5kdc[1438](info): AS_REQ (4
etypes {18 17 16 23}) ipa-servers-ip: ISSUE: authtime 1345660339,
etypes {rep=18 tkt=18 ses=18}, lagern at SYSTEMS.LAFAYETTE.EDU for
krbtgt/SYSTEMS.LAFAYETTE.EDU at SYSTEMS.LAFAYETTE.EDU

Aug 22 14:32:35 ipaserver.lafayette.edu krb5kdc[1438](info): TGS_REQ
(4 etypes {18 17 16 23}) ipa-servers-ip: ISSUE: authtime 1345660339,
etypes {rep=18 tkt=18 ses=18}, lagern at SYSTEMS.LAFAYETTE.EDU for
HTTP/ipaserver.lafayette.edu at SYSTEMS.LAFAYETTE.EDU


On 08/22/2012 02:17 PM, Rob Crittenden wrote:
> Nathan Lager wrote:
>> I have a RHEL ipa server setup and running.  Its been running for
>> a while now, and suddenly, today, i'm having trouble
>> authenticating to it, or changing my password.
>> 
>> The error i'm getting at the command line is:
>> 
>> [lagern at ipaserver PROD ~]$ ipa passwd Current Password: New
>> Password: Enter New Password again to verify: ipa: ERROR: cannot
>> connect to u'http://ipaserver.lafayette.edu/ipa/xml': Internal
>> Server Error
>> 
>> Looking at /var/log/httpd/error and access logs i see:
>> 
>> [Wed Aug 22 13:18:07 2012] [error] [client <client ip)] 
>> gss_acquire_cred() failed: Unspecified GSS failure.  Minor code
>> may provide more information (, Unknown error), referer: 
>> https://ipaserver.lafayette.edu/ipa/xml
>> 
>> I'm wading through google at the moment, to see if i can find a
>> fix, but i'm coming up empty.
>> 
> 
> I'd look in your KDC Log to see if it has anything useful, 
> /var/log/krb5kdc.
> 
> rob
> 

- -- 
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlA1JnUACgkQsZqG4IN3sumDxACgpLzJEqvnbxT46EAiFlTnHjm9
figAn2wGao5ZYiGGuVi7PB5E5QJTkggv
=aS7e
-----END PGP SIGNATURE-----

More information about the Freeipa-users mailing list