On 03/06/2015 02:38 AM, Dan Mossor wrote:
On Thu, Mar 5, 2015 at 7:21 PM, Dmitri Pal <d...@redhat.com
It should show up if you do not have a ticket. Destroy the ticket on the
client and try to access the server via browser, you should be redirected.
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Ok then, that is the page that keeps returning. I've tried from this
workstation using Konquerer, which does not support Kerberos, I've from from
Internet Explorer on a Windows 7 Professional desktop, and I've tried from a
Fedora 21 system that is not enrolled in the domain. I get the exact same
response with every attempt.
One additional step I attempted to take was to change the admin password on the
IPA server. I am getting a ldap_sasl_interactive_bind_s: Unknown authentication
method (-6) error back.
I think this installation is hosed. I am ready to wipe and start over from
scratch tomorrow. I've already wasted 16 hours on it.
Sorry to hear that. But I think you should start taking gradual steps in your
testing and trying to make Web UI over GSSAPI work. I would suggest this procedure:
1) Can I "kinit admin" and run CLI command ("ipa user-show admin")? If yes,
basic FreeIPA is functioning. Run kdestroy to get rid of Kerberos.
2) Can I login with form basic auth to my FreeIPA? If not, did you verify all
the items in
http://www.freeipa.org/page/Troubleshooting#Cannot_authenticate_to_Web_UI ? Did
you try logging with form based auth in FreeIPA public demo for example (user
"admin", password "Secret123"):
If not, we can dig further. If yes, you can continue with kinit + SSO for the
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project