Nathan Lager wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 09/21/2012 10:18 AM, Rob Crittenden wrote:
Lager, Nathan T. wrote:
Well, after all of this, RedHat support just resolved my issue!

It came down the the domain_realm definitions in /etc/krb5.conf.

They had me change:

[domain_realm] .systems.lafayette.edu = SYSTEMS.LAFAYETTE.EDU
systems.lafayette.edu = SYSTEMS.LAFAYETTE.EDU

To: [domain_realm] .systems.lafayette.edu =
SYSTEMS.LAFAYETTE.EDU systems.lafayette.edu =
SYSTEMS.LAFAYETTE.EDU .lafayette.edu = SYSTEMS.LAFAYETTE.EDU
lafayette.edu = SYSTEMS.LAFAYETTE.EDU

After doing so, i restarted IPA, and my commands are working
properly now!

Now, to get my replica back in order...

Wow. OK, I'm glad it's working. Do we have any idea how this file
changed? Is it wrong on all your clients or only on this one
master?

It appears wrong on my replica as well, caroline1.  There are no
clients currently, other than RHEV.

I only have one lingering issue, aside from my replica being broken.

I still cant reset admin's password. It gives me the same error it was
before.

[root@caroline0 PROD ~]# kinit admin
Password for ad...@systems.lafayette.edu:
Password expired.  You must change it now.
Enter new password:
Enter it again:
kinit: Password has expired while getting initial credentials

Can you try kpasswd to reset the admin password?

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to