Hi,

ipa-cacert-manage must be run as root but does not require any Kerberos ticket.

You can run the following command to check your directory manager password:
/usr/bin/ldapsearch -h localhost -p 389 -D "cn=directory manager" -w '#-!???<<<<<<' -b "" -s base

If the password is wrong, you will get an output like this one:
ldap_bind: Invalid credentials (49)

Otherwise it means that your DM password is OK.
HTH,
Flo.


On 09/13/2016 01:57 PM, G√ľnther J. Niederwimmer wrote:
Hello,

FreeIPA 4.3.1

I like to install my new Startcom Cert and have a Problem with the access ?

I search and found this

ipa-cacert-manage -p '#-!???<<<<<<' -n STARTCOM-ROOT -t C,, install
1_root_bundle.crt

but I become this
Insufficient access:  Invalid credentials
The ipa-cacert-manage command failed.

Can I test the "DM" Password with a other command or is this a Problem with
ipa-cacert-manage?

I test it with "kinit admin" and without ?

or is this a Problem with the Password when I write this
ipa-cacert-manage -p #-!???<<<<<< -n STARTCOM-ROOT -t C,, install
1_root_bundle.crt

I have this answer

ipa-cacert-manage: error: -p option requires an argument

Thanks for a answer,


--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to