[Freeipa-users] SASL(-13) authentication failure
Bryan Pearson
bwp.pearson at gmail.com
Sat Feb 7 03:11:49 UTC 2015
Hello,
My IPA servers are currently saying:
"Failed to get data from 'hostname.lan': Invalid credentials SASL(-13):
authentication failure: GSSAPI Failure: gss_accept_sec_context"
tail -f /var/log/dirsrv/slapd-HOSTNAME-LAN/errors
[06/Feb/2015:21:42:41 -0500] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSAPI]: LDAP error 49
(Invalid credentials) (SASL(-13): authentication failure: GSSAPI Failure:
gss_accept_sec_context) errno 0 (Success)
[06/Feb/2015:21:42:41 -0500] slapi_ldap_bind - Error: could not perform
interactive bind for id [] mech [GSSAPI]: error 49 (Invalid credentials)
We have 3 master replicas in operation. ipa2, ipa3, ipa4 and ipa1 we are
decommissioning. After losing the CA on 2 nodes, we promoted ipa3 to
master, and created a replica file, scped it to ipa4, installed it, and on
ipa4 created ipa2. Because of design, 3 and 2 cant communicate with each
other.
I just stopped dirsrv and pki-ca on ipa1, so its possible it is creating
issues.
I cant determine where the credentials or how to get them changed as all
the nodes are now having similar issues replicating.
Bryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150206/5aa7a4d5/attachment.htm>
More information about the Freeipa-users
mailing list