Hi, Due to a bug in one of our maintanace scripts, I had to manually change some attributes for one of the users, e.g.: uid and uidNumber. I did it using /usr/sbin/ipa-moduser --setattr="uid=username" --setattr="uidNumber=1221" 1221
(yeah, last argument is really user's uid ;) After that user canno use any of the ipa-* scripts, he's getting: "Connection to database failed: Invalid credentials: SASL(-14): authorization failure:" I suppose is a problem with inconsistency in ldap and Kerberos database (probably Kerberos still has old data) My question is how to fix that without generating new user (I really have to avoid that due to fact that this environment has some compliance restictions) Regards, -- Tomasz Z. Napierała Systems Architecture Engineer, IT Infrastructure Department Allegro Team http://www.allegro.pl/ Grupa Allegro Sp. z o.o. z siedzibą w Poznaniu, 60-324 Poznań, przy ul. Marcelińskiej 90, wpisana do rejestru przedsiębiorców prowadzonego przez Sąd Rejonowy Poznań - Nowe Miasto i Wilda, Wydział VIII Gospodarczy Krajowego Rejestru Sądowego pod numerem KRS 0000268796, o kapitale zakładowym w wysokości 33 474 500 zł, posiadająca numer identyfikacji podatkowej NIP: 5272525995.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
