Steven Jones wrote:
I have installed free-ipa on fedora 12...
Some issues...."3.2 To test your IPA installation",
3. Item should read "/usr/sbin/ipa-finduser admin" and not
"/usr/bin/ipa user-find admin"
The command-line changed between 1.2 and 2.0. If you are using 1.2 (the
default in Fedora 12) then the command is ipa-finduser. If you are
running 2.0 (or more precisely one of the alphas named 1.9) then the
command is ipa user-find.
You can determine the version you have with: rpm -q ipa-server
"Using the Web Interface",
There is no explanation of how to do get to the user homepage....
I tried https://localhost:443
and I get a "Kerberos Authentication failed".....there is no workable
documentation / indication on how to fix this....
In short, you need to configure your browser to do kerberos
authentication, trust the IPA root CA and you need a kerberos ticket in
order to connect.
"Kerberos Authentication Failed
Unable to verify your Kerberos credentials. Please make sure that you
have valid Kerberos tickets (obtainable via kinit), and that you have
configured your browser correctly
<https://vuwunicofedipa1.vuw.ac.nz/ipa/errors/ssbrowser.html>. If you
are still unable to access the IPA Web interface, please contact the
helpdesk on for additional assistance.
Import the IPA Certificate Authority
You can automatically configure your browser to work with Kerberos by
importing the Certificate Authority above and clicking on the Configure
You *must* reload this page after importing the Certificate Authority
for the automatic settings to work
So I run kinit as a local user and get told....
"kinit: Client not found in Kerberos database while getting initial
Did you add your user as a user in IPA? You can always try getting a
ticket as the admin user for testing (kinit admin).
So anyway I attempt to follow the instruction in the web browser window
(as above) and keep getting the same thing when I restart Firefox.
So what next?
Thanks for the feedback.
Freeipa-users mailing list