Now I've made it to the WebUI. Login works great (also via the new form auth). Click on IPA Server tab and then Configuration yields:
IPA Error 4208 - get-effective-rights: missing subject: Invalid syntax This also happens at several other points in the UI. For example, click one DNS zone and then the Settings tab within, or the Hosts section within the Identity tab and clicking Settings. It seems that any attempt to configure settings yields this error. Directory server error logs point specifically to the NSACLPlugin: NSACLPlugin - get-effective-rights: missing subject Failed to get effective rights for entry (idnsname=17.168.192.in-addr.arpa.,cn=dns,dc=4test,dc=net), rc=21 I'm guessing some incorrect ACLs? Steve _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users