I just installed freeipa on scientific linux 6.1. Installation worked
find so far but I cannot logon to the web interface.
Firefox is configured with the ca cert and single sign on settings.
Login as admin via ssh works fine and I get the valid
But when I open the ipa web interface I get only: Your kerberos ticket
is no longer valid. Please run kinit and then click 'Retry'.

In the titlebar I see : "_Logged in as: **_**

This is a bit strange to me I cannot see where this error comes from.
Has someone a hint for me



On the server side you can increase debug output by setting LogLevel to debug in /etc/httpd/conf.d/nss.conf and restarting or you can troubleshoot it from the client side by looking at:

One important factor is that you are going to the server that we created a web principal for. If your server has a CNAME, for example, you have to use the A record. We do a fair bit of redirecting using mod_rewrite to be sure you get to the right host but it isn't perfect.


Freeipa-users mailing list

Reply via email to