I just installed freeipa on scientific linux 6.1. Installation worked
find so far but I cannot logon to the web interface.
Firefox is configured with the ca cert and single sign on settings.
Login as admin via ssh works fine and I get the valid
But when I open the ipa web interface I get only: Your kerberos ticket
is no longer valid. Please run kinit and then click 'Retry'.
In the titlebar I see : "_Logged in as: *u...@freeipa.org*_**
This is a bit strange to me I cannot see where this error comes from.
Has someone a hint for me
On the server side you can increase debug output by setting LogLevel to
debug in /etc/httpd/conf.d/nss.conf and restarting or you can
troubleshoot it from the client side by looking at:
One important factor is that you are going to the server that we created
a web principal for. If your server has a CNAME, for example, you have
to use the A record. We do a fair bit of redirecting using mod_rewrite
to be sure you get to the right host but it isn't perfect.
Freeipa-users mailing list