Receiving the following error when trying to run ipa commands

[gola-us@test-nfs-prod-1 ~]$ kinit gola-us
Password for gola-us@test.LOCAL:

Done!
New ticket is stored in cache file /home/rusers/gola-us/krb5cc_gola-us
[gola-us@test-nfs-prod-1 ~]$ ipa user-find
ipa: ERROR: did not receive Kerberos credentials
[gola-us@test-nfs-prod-1 ~]$

Linux version -
Red Hat Enterprise Linux Server release 7.3 (Maipo)

client
ipa-client-4.5.0-21.el7_4.2.2.x86_64


server
ipa-server-dns-4.5.0-21.el7_4.2.2.noarch
ipa-client-4.5.0-21.el7_4.2.2.x86_64
ipa-server-common-4.5.0-21.el7_4.2.2.noarch
ipa-server-4.5.0-21.el7_4.2.2.x86_64
ipa-server-trust-ad-4.5.0-21.el7_4.2.2.x86_64
ipa-common-4.5.0-21.el7_4.2.2.noarch
ipa-client-common-4.5.0-21.el7_4.2.2.noarch


If I change the location of the cache file - export
KRB5CCNAME=/tmp/.krb5cc-gola
I do a kinit gola-us and an ipa command returns this

[gola-us@test-nfs-prod-1 ~]$ kinit gola-us
Password for gola-us@test.LOCAL:

Done!
New ticket is stored in cache file /tmp/.krb5cc-gola
[gola-us@test-nfs-prod-1 ~]$ ipa user-find
ipa: ERROR: cannot connect to 'any of the configured servers':
https://test-ipa-prod-1.test.local/ipa/json,
https://test-ipa-prod-2.test.local/ipa/json


reviewing the krb5 logs shows normal communication between the client and
the ipa server. kerberos tickets are generated normally

Thanks,
Carl Gola
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to