Hey all - I'm having an issue whereby password resets for users don't appear to be working... fully. It's odd because, if, through the web interface, I click "Actions", and then "Reset Password", and set it to some temporary password, I can then login to an IPA client server with that password. That server then prompts me to reset the user's password - confirming, to me, that the password reset "signal" has indeed been sent to that server. I then do the password reset, and can then log into that AND OTHER client servers with that password, suggesting that the password reset has worked!
BUT. When I try to connect to that user via LDAP, using that same password, I get "Invalid credentials (49)". Further, if I try a `kinit $USER` from any of those CLIENT servers, and punch in the password, it seems fine! But whenever I try the SAME `kinit $user` command from the IPA servers, I get `kinit: Password incorrect while getting initial credentials`, which is... deeply troubling, to say the least. What on Earth is going on? _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue