Schweiss, Chip via FreeIPA-users wrote:
> I'm building out a multisite installation. For unknown reasons, the
> 'admin' user password needs to be reset each time I join a new FreeIPA
> replica.
>
> It seems to happen a minute or two after the ipa-replica-install
> completes. Attempts to kinit immediately afterward usually works.
>
> Here's my ipa-replica install command I'm using:
>
> ipa-replica-install -n {domain} -r {realm} -d \
> --server={existing_ipa_server} \
> --setup-adtrust --add-agents --mkhomedir \
> --ntp-pool={my_ntp_pool} \
> -p $otp
>
> How do I track down the cause of this?
I don't know how this can happen and don't recall having see it before.
To track it down you'd need to enable the audit log in 389-ds on all
servers, including any newly created replica and wait for it to be
reset. That will show you at least what machine did so. The actual MOD
is probably not super interesting but who knows.
rob
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
