Zulkifal Ahmad wrote:
Hi Experts ,
I am trying to run a script from a remote server which creates user
principals and generate keytabs on my ipa server installed on CentOS6.5
ipav3 . The issue that I am getting is that when i run the same script
from the terminal of the remote server it runs fine and retrieves the
keytabs but when it is ran from a webUI of the remote server it gives me
an error.
" ipa: Error: did not receive kerberos credentials " .
FYI  my client/remote server is a part of the ipa domain and has the
same version of ipa client installed i.e v3.


Because on your local terminal you have a valid ticket when you run it, but running within the web server it doesn't unless you explicitly do a kinit (or delegate the TGT from the requesting web browser).

This procedure was tested on an ordinary MIT Kerberos server and runs
with no issues.

Using what tool? I'm guessing you used kadmin or kadmin.local which is an apples to orange comparison.

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to