[Freeipa-users] sudden ipa errors.

Dmitri Pal dpal at redhat.com
Mon Sep 10 12:54:34 UTC 2012 

On 08/24/2012 04:43 PM, Rob Crittenden wrote:
> Nathan Lager wrote:
>> This did not seem to help...
>>
>
> What else isn't working? Does the UI work? Do clients on other
> machines work? Does user lookup still work?
>
> rob


Was this issue ever resolved?

>
>>
>> On 08/22/2012 06:02 PM, Rob Crittenden wrote:
>>> Nathan Lager wrote:
>>>> [root at ipaserver PROD krb5kdc]# ipactl status
>>>> Directory Service: RUNNING
>>>> KDC Service: RUNNING
>>>> KPASSWD Service: RUNNING
>>>> MEMCACHE Service: RUNNING
>>>> HTTP Service: RUNNING
>>>> CA Service: RUNNING
>>>> [root at ipaserver PROD krb5kdc]# rpm -qa | grep ipa-server
>>>> ipa-server-selinux-2.2.0-16.el6.x86_64
>>>> ipa-server-2.2.0-16.el6.x86_64
>>>
>>> I'd try removing /tmp/krb5cc_48. This is the ccache used by Apache for
>>> doing S4U2Proxy. No restart of httpd should be required.
>>>
>>> rob
>>>
>>>>
>>>>
>>>> On 08/22/2012 04:08 PM, Rob Crittenden wrote:
>>>>> Nathan Lager wrote:
>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>> Hash: SHA1
>>>>>>
>>>>>> I tried the same, kinit, and then ipa passwd commands as before,
>>>>>> here's the output:
>>>>>>
>>>>>> Aug 22 14:32:13 ipaserver.lafayette.edu krb5kdc[1438](info):
>>>>>> AS_REQ (4
>>>>>> etypes {18 17 16 23}) ipa-servers-ip: NEEDED_PREAUTH:
>>>>>> lagern at SYSTEMS.LAFAYETTE.EDU for
>>>>>> krbtgt/SYSTEMS.LAFAYETTE.EDU at SYSTEMS.LAFAYETTE.EDU, Additional
>>>>>> pre-authentication required
>>>>>>
>>>>>> Aug 22 14:32:19 ipaserver.lafayette.edu krb5kdc[1438](info):
>>>>>> AS_REQ (4
>>>>>> etypes {18 17 16 23}) ipa-servers-ip: ISSUE: authtime 1345660339,
>>>>>> etypes {rep=18 tkt=18 ses=18}, lagern at SYSTEMS.LAFAYETTE.EDU for
>>>>>> krbtgt/SYSTEMS.LAFAYETTE.EDU at SYSTEMS.LAFAYETTE.EDU
>>>>>>
>>>>>> Aug 22 14:32:35 ipaserver.lafayette.edu krb5kdc[1438](info): TGS_REQ
>>>>>> (4 etypes {18 17 16 23}) ipa-servers-ip: ISSUE: authtime 1345660339,
>>>>>> etypes {rep=18 tkt=18 ses=18}, lagern at SYSTEMS.LAFAYETTE.EDU for
>>>>>> HTTP/ipaserver.lafayette.edu at SYSTEMS.LAFAYETTE.EDU
>>>>>
>>>>> What version of IPA is this?
>>>>>
>>>>> Does ipactl status show all services up?
>>>>>
>>>>> rob
>>>>
>>>>
>>>
>>>
>>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

More information about the Freeipa-users mailing list