[Freeipa-users] Fwd: IPA Client not able to remove
tarak sinha
taraksinha09 at gmail.com
Mon Jan 2 15:35:19 UTC 2017
Hi Team,
Please give me some suggestion to fix the below issue......
---------- Forwarded message ----------
From: tarak sinha <taraksinha09 at gmail.com>
Date: Mon, Jan 2, 2017 at 9:03 PM
Subject: Re: [Freeipa-users] IPA Client not able to remove
To: Rob Crittenden <rcritten at redhat.com>
Thanks Rob for your suggestion...
I have another issue on my hosts. Few node's are asking password rather
than authenticated with kerberoas.
Getting below error (Unspecified GSS failure). rest of the hosts are able
to login via gssapi-with-mic method
-------------snip----------
debug1: Authentications that can continue: publickey,gssapi-with-mic,
password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
KDC has no support for encryption type
debug1: Unspecified GSS failure. Minor code may provide more information
KDC has no support for encryption type
debug1: Unspecified GSS failure. Minor code may provide more information
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,
password
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Offering public key: /uhome/tsinha/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
------------snip-------------
Please give me some advise to login my linux nodes without any password.
Thanks,
Tarak
On Mon, Jan 2, 2017 at 7:28 AM, Rob Crittenden <rcritten at redhat.com> wrote:
> tarak sinha wrote:
> > Hi FreeIPA Team,
> >
> >
> >
> > I am not able to remove the IPA client host entry from Web UI and
> > command line as well. While trying to add it’s showing “Host is already
> > exist”. Please give me some suggestion to get rid if this issue.
> >
> >
> >
> > #ipa host-del xxx.example.com <http://xxx.example.com> --updatedns
> >
> > ipa: ERROR: xxx.example.com <http://xxx.example.com>: host not found
> >
> > #ipa host-show xxx.example.com <http://xxx.example.com>
> >
> > ipa: ERROR: xxx.example.com <http://xxx.example.com>: host not found
>
> It sounds like it is a replication conflict entry. You can confirm by
> doing something like 'ipa host-find xxx.example.com --all' and look at
> the DN. If it has nsuniqueid in the DN then it is a conflict entry. See
> https://access.redhat.com/documentation/en-US/Red_Hat_Direct
> ory_Server/8.2/html/Administration_Guide/Managing_Replicatio
> n-Solving_Common_Replication_Conflicts.html
> but given you want to remove it you can do so via ldapdelete.
>
> rob
>
--
*Thanks,*
*Tarak Nath Sinha*
*Mobile: **+91 8197522750*
--
*Thanks,*
*Tarak Nath Sinha*
*Mobile: **+91 8197522750*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170102/f9eddc32/attachment.htm>
More information about the Freeipa-users
mailing list