[Freeipa-users] Failed to initialize credentials using keytab
freeipa at noboost.org
freeipa at noboost.org
Tue Jul 10 08:53:18 UTC 2012
Hi All,
Server:
RHEL 6.3
ipa-admintools-2.2.0-16.el6.x86_64
ipa-client-2.2.0-16.el6.x86_64
ipa-pki-ca-theme-9.0.3-7.el6.noarch
ipa-pki-common-theme-9.0.3-7.el6.noarch
ipa-python-2.2.0-16.el6.x86_64
ipa-server-2.2.0-16.el6.x86_64
ipa-server-selinux-2.2.0-16.el6.x86_64
libipa_hbac-1.8.0-32.el6.x86_64
libipa_hbac-python-1.8.0-32.el6.x86_64
python-iniparse-0.3.1-2.1.el6.noarch
Odd Error in /var/log/messages:
Jul 10 18:15:30 sysvm-ipa [sssd[ldap_child[2070]]]: Failed to initialize
credentials using keytab [(null)]: Decrypt integrity check failed.
Unable to create GSSAPI-encrypted LDAP connection.
Jul 10 18:15:30 sysvm-ipa [sssd[ldap_child[2070]]]: Decrypt integrity
check failed
Jul 10 18:15:42 sysvm-ipa rhnsd[2194]: Red Hat Network Services Daemon
starting up, check in interval 240 minutes.
Jul 10 18:15:43 sysvm-ipa certmonger: Error setting up ccache for local
"host" service using default keytab.
I checked the servers ketab and as far as I can tell, it seems fine?
[root at sysvm-ipa etc]# klist -k /etc/krb5.keytab
Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
2 host/sysvm-ipa.example.com at EXAMPLE.COM
2 host/sysvm-ipa.example.com at EXAMPLE.COM
2 host/sysvm-ipa.example.com at EXAMPLE.COM
2 host/sysvm-ipa.example.com at EXAMPLE.COM
2 host/sysvm-ipa.example.com at EXAMPLE.COM
2 host/sysvm-ipa.example.com at EXAMPLE.COM
cya
Craig
More information about the Freeipa-users
mailing list