Running a clone of RHEL (Springdale Linux), and recently upgraded to 7.4 and all its ensuing surprises. Todays is strange because it affects one of three servers.
If a user tries to login to the web UI on 2/3 of the servers, they get the same error listed in this ticket: https://pagure.io/freeipa/issue/6739 One of the three servers works fine, and getting a Kerberos ticket first also works (assuming the browser is configured properly, etc). I noticed an error in the messages file on one of the failing machines: Sep 5 13:22:59 ipa ipa-httpd-kdcproxy: ipa : WARNING Unable to connect to dirsrv: cannot connect to 'ldapi://%2Fvar%2Frun%2Fslapd-ASTRO-PRINCETON-EDU.socket': Sep 5 13:22:59 ipa ipa-httpd-kdcproxy: ipa : WARNING Disabling KDC proxy So I ran an 'ipactl restart' on that machine, and saw it successfully connected later: Sep 5 13:33:36 ipa systemd: Stopping The Apache HTTP Server... Sep 5 13:33:37 ipa systemd: Starting The Apache HTTP Server... Sep 5 13:33:38 ipa ipa-httpd-kdcproxy: ipa : INFO KDC proxy enabled Sep 5 13:33:38 ipa systemd: Started The Apache HTTP Server. But that did not solve the problem. I'm happy to provide more information, but as this is all new to me I don't know where to begin to debug. Thanks for any pointers you can send my way. -- Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci Princeton University | ICBM Address: 40.346344 -74.652242 345 Lewis Library |"On my ship, the Rocinante, wheeling through Princeton, NJ 08544 | the galaxies; headed for the heart of Cygnus, (267) 793-0852 | headlong into mystery." -Rush, 'Cygnus X-1' _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
