On Wed, 2014-06-11 at 12:47 -0400, Nathaniel McCallum wrote: > On Wed, 2014-06-11 at 12:45 -0400, Simo Sorce wrote: > > On Wed, 2014-06-11 at 12:36 -0400, Nathaniel McCallum wrote: > > > On Wed, 2014-06-11 at 08:47 -0400, Simo Sorce wrote: > > > > On Wed, 2014-06-11 at 11:09 +0200, Petr Viktorin wrote: > > > > > On 06/11/2014 02:48 AM, Simo Sorce wrote: > > > > > > I ma getting a failure to login in the UI > > > > > > > > > > > > The error is somewhere in ldap/schema/subentry.py > > > > > > > > > > > > KeyError: 'ipattokenhotp' > > > > > > > > > > > > A schema update may have failed I guess ? > > > > > > but running ipa-ldap-updater doesn't help ... > > > > > > > > > > > > Ideas ? > > > > > > > > > > Do you have the full traceback? > > > > > > > > This is in my tail output: > > > > > > > > [Tue Jun 10 20:45:06.136312 2014] [:error] [pid 1219] ipa: INFO: > > > > [email protected]: batch: i18n_messages(): SUCCESS > > > > [Tue Jun 10 20:45:06.163805 2014] [:error] [pid 1219] ipa: INFO: > > > > [email protected]: batch: config_show(): SUCCESS > > > > [Tue Jun 10 20:45:06.197784 2014] [:error] [pid 1219] ipa: INFO: > > > > [email protected]: batch: user_find(None, whoami=True, all=True): > > > > SUCCESS > > > > [Tue Jun 10 20:45:06.198365 2014] [:error] [pid 1219] ipa: INFO: > > > > [email protected]: batch: env(None): SUCCESS > > > > [Tue Jun 10 20:45:06.201735 2014] [:error] [pid 1219] ipa: INFO: > > > > [email protected]: batch: dns_is_enabled(): SUCCESS > > > > [Tue Jun 10 20:45:06.203439 2014] [:error] [pid 1219] ipa: INFO: > > > > [email protected]: batch: trustconfig_show(): NotFound > > > > [Tue Jun 10 20:45:06.204018 2014] [:error] [pid 1219] ipa: INFO: > > > > [jsonserver_session] [email protected]: batch(({u'params': ((), {}), > > > > u'method': u'i18n_messages'}, {u'params': ((), {}), u'method': > > > > u'config_show'}, {u'params': ((), {u'all': True, u'whoami': True}), > > > > u'method': u'user_find'}, {u'params': ((), {}), u'method': u'env'}, > > > > {u'params': ((), {}), u'method': u'dns_is_enabled'}, {u'params': ((), > > > > {}), u'method': u'trustconfig_show'})): SUCCESS > > > > [Tue Jun 10 20:45:07.552739 2014] [:error] [pid 1220] ipa: ERROR: > > > > non-public: KeyError: 'ipatokenhotp' > > > > [Tue Jun 10 20:45:07.552807 2014] [:error] [pid 1220] Traceback (most > > > > recent call last): > > > > [Tue Jun 10 20:45:07.552815 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 343, in > > > > wsgi_execute > > > > [Tue Jun 10 20:45:07.552821 2014] [:error] [pid 1220] result = > > > > self.Command[name](*args, **options) > > > > [Tue Jun 10 20:45:07.552826 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 436, in > > > > __call__ > > > > [Tue Jun 10 20:45:07.552831 2014] [:error] [pid 1220] ret = > > > > self.run(*args, **options) > > > > [Tue Jun 10 20:45:07.552834 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 752, in run > > > > [Tue Jun 10 20:45:07.552839 2014] [:error] [pid 1220] result = > > > > self.execute(*args, **options) > > > > [Tue Jun 10 20:45:07.552843 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py", line > > > > 119, in execute > > > > [Tue Jun 10 20:45:07.552848 2014] [:error] [pid 1220] (o.name, > > > > json_serialize(o)) for o in self.api.Object() > > > > [Tue Jun 10 20:45:07.552852 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py", line > > > > 119, in <genexpr> > > > > [Tue Jun 10 20:45:07.552856 2014] [:error] [pid 1220] (o.name, > > > > json_serialize(o)) for o in self.api.Object() > > > > [Tue Jun 10 20:45:07.552861 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipalib/util.py", line 57, in > > > > json_serialize > > > > [Tue Jun 10 20:45:07.552865 2014] [:error] [pid 1220] return > > > > json_serialize(obj.__json__()) > > > > [Tue Jun 10 20:45:07.552870 2014] [:error] [pid 1220] File > > > > "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line > > > > 649, in __json__ > > > > [Tue Jun 10 20:45:07.552875 2014] [:error] [pid 1220] attrs = > > > > self.api.Backend.ldap2.schema.attribute_types(objectclasses) > > > > [Tue Jun 10 20:45:07.552879 2014] [:error] [pid 1220] File > > > > "/usr/lib64/python2.7/site-packages/ldap/schema/subentry.py", line 377, > > > > in attribute_types > > > > [Tue Jun 10 20:45:07.552884 2014] [:error] [pid 1220] object_class > > > > = self.sed[ObjectClass][object_class_oid] > > > > [Tue Jun 10 20:45:07.552903 2014] [:error] [pid 1220] KeyError: > > > > 'ipatokenhotp' > > > > [Tue Jun 10 20:45:07.553226 2014] [:error] [pid 1220] ipa: INFO: > > > > [jsonserver_session] [email protected]: json_metadata(None, None, > > > > object=u'all'): KeyError > > > > [Tue Jun 10 20:45:07.936063 2014] [:error] [pid 1219] ipa: INFO: > > > > [jsonserver_session] [email protected]: json_metadata(None, None, > > > > command=u'all'): SUCCESS > > > > > > Do the installed schema files have ipatokenHOTP? Did you dump the schema > > > from 389DS to see if this object class is present? > > > > They are not. The schema files in /usr/share/ipa do have the > > objectclasses, but the server schema has not been updated (or the update > > failed). > > Hrm. Does it have ipatokenTOTP?
Yes, searching and grepping (-i "ipatok") cn=schema I get the following objectclasses: ipaToken, ipatokenTOTP, ipatokenRadiusProxyUser, ipatokenRadiusProxyConfiguration but ipatokenHOTP is missing ... Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
