[Freeipa-users] ipa-dnskeysyncd ipa : ERROR Login to LDAP server failed: {'desc': 'Invalid credentials'}
Brian J. Murrell
brian at interlinx.bc.ca
Mon Dec 19 20:24:45 UTC 2016
On Mon, 2016-12-19 at 17:26 +0100, Martin Basti wrote:
>
> On 19.12.2016 13:19, Brian J. Murrell wrote:
> > On Mon, 2016-12-19 at 09:42 +0100, Martin Basti wrote:
> > > Hello,
> > >
> > > could you recheck with SElinux in permissive mode?
> >
> > Yeah, still happens even after doing:
> >
> > # setenforce 0
> >
> > Cheers,
> > b.
>
> could you please kinit as service?
>
>
> kinit -kt /etc/ipa/dnssec/ipa-dnskeysyncd.keytab ipa-
> dnskeysyncd/$(hostname)
# kinit -kt /etc/ipa/dnssec/ipa-dnskeysyncd.keytab ipa-dnskeysyncd/server.example.com
# klist
Ticket cache: KEYRING:persistent:0:0
Default principal: ipa-dnskeysyncd/server.example.com at EXAMPLE.COM
Valid starting Expires Service principal
19/12/16 15:20:20 20/12/16 15:20:20 krbtgt/EXAMPLE.COM at EXAMPLE.COM
Seems to have worked. FWIW, I was not asked for any password.
Cheers,
b.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161219/8df520d0/attachment.sig>
More information about the Freeipa-users
mailing list