Running a clone of RHEL (Springdale Linux), and recently upgraded to
7.4 and all its ensuing surprises.  Todays is strange because it
affects one of three servers.

If a user tries to login to the web UI on 2/3 of the servers, they get
the same error listed in this ticket:

One of the three servers works fine, and getting a Kerberos ticket
first also works (assuming the browser is configured properly, etc).

I noticed an error in the messages file on one of the failing machines:

  Sep  5 13:22:59 ipa ipa-httpd-kdcproxy: ipa         : WARNING
Unable to connect to dirsrv: cannot connect to
  Sep  5 13:22:59 ipa ipa-httpd-kdcproxy: ipa         : WARNING
Disabling KDC proxy

So I ran an 'ipactl restart' on that machine, and saw it successfully
connected later:

  Sep  5 13:33:36 ipa systemd: Stopping The Apache HTTP Server...
  Sep  5 13:33:37 ipa systemd: Starting The Apache HTTP Server...
  Sep  5 13:33:38 ipa ipa-httpd-kdcproxy: ipa         : INFO     KDC
proxy enabled
  Sep  5 13:33:38 ipa systemd: Started The Apache HTTP Server.

But that did not solve the problem.  I'm happy to provide more
information, but as this is all new to me I don't know where to begin
to debug.  Thanks for any pointers you can send my way.

Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
  Princeton University  |    ICBM Address: 40.346344   -74.652242
    345 Lewis Library   |"On my ship, the Rocinante, wheeling through
  Princeton, NJ   08544 | the galaxies; headed for the heart of Cygnus,
    (267) 793-0852      | headlong into mystery."  -Rush, 'Cygnus X-1'
FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to