I'm having this issue. I discovered when I would randomly get locked out of
the admin account with the usual:
kinit: Clients credentials have been revoked while getting initial
The scenario would go as follows:
Sometimes I would try to issue "kinit admin", with the correct credentials
only to be met with the above results. Other times it would work fine, only
to fail when running an 'ipa' command.
Anyway, I discovered a bunch of failed auth entries for admin in the logs,
coming from clients. This would be mixed with successful logins from the
same machine. So what it looks like is happening is that these failed
logins would lock me out, sometimes in the middle of a session. Just
waiting 60 seconds for the lock out to time out would allow me to continue
my work. Has anyone seen this issue before? I'm using ipa server 3.0 on a
CentOS 6.6 server.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project