[Freeipa-users] is not an IPA v2 Server.
george he
george_he7 at yahoo.com
Mon Jun 18 16:21:25 UTC 2012
Hello Rob,
Yes, I did the configuration earlier today. And I did kinit too.
It seems the web UI loads really slowly - the circular thing can turn for minutes. So maybe I wasn't patient enough to let the page load.
I can ssh to the server and the client from my home, so I don't think there's another firewall blocking the connection.
Thanks,
George
>________________________________
> From: Rob Crittenden <rcritten at redhat.com>
>To: george he <george_he7 at yahoo.com>
>Cc: Petr Viktorin <pviktori at redhat.com>; "freeipa-users at redhat.com" <freeipa-users at redhat.com>
>Sent: Monday, June 18, 2012 11:51 AM
>Subject: Re: [Freeipa-users] is not an IPA v2 Server.
>
>george he wrote:
>> Hello all,
>>
>> Here is some other information.
>> I'm setting this up for a lab in a university. The university has its
>> own kerberos server (and DNS server, which I use).
>> I'm not sure whether anybody has set a kerberos server for the
>> department, or some other labs used the department sub-domain.
>> But I'm sure the realm name is unique.
>>
>> When I open the web UI on the server (firefox 13.0), I almost always get
>> this error:
>> Your Kerberos ticket is no longer valid. Please run kinit and then click
>> 'Retry'. If this is your first time running the IPA Web UI follow these
>> directions <https://cns2.psych.yale.edu/ipa/config/unauthorized.html> to
>> configure your browser.
>> Or you can use form-based authentication
>> <https://cns2.psych.yale.edu/ipa/ui/#>.
>> but I can use the form based authentication sometimes, not always.
>
>You need to configure the browser to do Kerberos single sign-on. There should be a link in the failure message to take you to a page to help you configure this. You also need to have done a kinit.
>
>I'm not sure why forms-based auth work work only sometimes, additional details would be needed.
>
>I'm not sure why the server would be pingable from your client but HTTP doesn't work. There may be another firewall blocking the packets on your network.
>
>rob
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120618/cb724abb/attachment.htm>
More information about the Freeipa-users
mailing list