[Freeipa-users] KDC returned error string: NOT_ALLOWED_TO_DELEGATE
Linov Suresh
linov.suresh at gmail.com
Mon Aug 15 18:18:23 UTC 2016
We have IPA replica set up in RHEL 6.4 and is FreeIPA 3.0.0
We can only add the clients from IPA Server 01, not from IPA Server 02.
When I tried to add the client from IPA Server 02, getting the error,
ipa: ERROR: Insufficient access: SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information (KDC
returned error string: NOT_ALLOWED_TO_DELEGATE)
SASL/GSSAPI authentication started
SASL username: vpham at EXAMPLE.NET
SASL SSF: 56
SASL data security layer installed.
ldap_modify: No such object (32)
additional info: Range Check error
modifying entry "fqdn=cpe-5061747522f9.example.net
,cn=computers,cn=accounts,dc=example,dc=net"
Could you please help us to fix this?
Appreciate your help in advance,
Linov Suresh.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160815/2dc1d0e7/attachment.htm>
More information about the Freeipa-users
mailing list