On Thu, Aug 24, 2017 at 09:51:51AM -0500, Kat via FreeIPA-users wrote:
> Hi all,
> Has anyone seen this before:
> 1. User created, and being used for logins, no issues. Works just fine.
> 2. At one point, keytab file is retrieved via getkeytab, which also works.
> 3. After the keytab is retrieved, the password no longer seems to work???
> Weirdness - am I missing something here? This can be repeated with any user
> set to retrieve their keytab.
see man ipa-getkeytab "WARNING: retrieving the keytab resets the secret
for the Kerberos principal. This renders all other keytabs for that
This means by default ipa-getkeytab will override the current
secret/password with a random one which will be added to the keytab as
In your case you might want to have a look at the -r or -p option of
> FreeIPA-users mailing list -- email@example.com
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org