On Tue, Sep 13, 2016 at 9:36 PM, Endi Sukma Dewata <edew...@redhat.com>
> On 9/12/2016 9:35 PM, Endi Sukma Dewata wrote:
>> On 9/9/2016 2:46 PM, Georgios Kafataridis wrote:
>>> I've tried that but still the same result.
>>> [root@ipa-server /]# ldapsearch -D "cn=directory manager" -W -p 389 -h
>>> localhost -b "uid=admin,ou=people,o=ipaca"
>>> Enter LDAP Password:
>>> # extended LDIF
>>> # LDAPv3
>>> # base <uid=admin,ou=people,o=ipaca> with scope subtree
>>> # filter: (objectclass=*)
>>> # requesting: ALL
>>> # search result
>>> search: 2
>>> result: 32 No such object
>> The master's logs indicate there's an authentication issue.
>> Could you search the whole directory to find the admin user?
>> $ ldapsearch ... -b "o=ipaca" "(uid=admin)"
>> Try also other suffixes that you have in the DS.
>> If you find it, try to authenticate against DS directly as the admin
>> user. If the authentication fails, try resetting the password.
> I believe there is actually another DS instance on CentOS 6.8 running on
> port 7389, so make sure you check that too. If the admin user is indeed
> missing, it will need to be recreated, assigned a password and certificate,
> and added to the appropriate groups.
> See also: http://pki.fedoraproject.org/wiki/IPA_PKI_Users
I am having this problem too (see thread with subject " adding replica
centos 7 to centos 6 fails [error] ObjectclassViolation: attribute
"unhashed#user#password" not allowed"
If the usercertificate attribute of this user is expired, could this be the
cause of these problems?
I can login with the password as user uid=admin,ou=people,o=ipaca, but the
certificate expired 2014-10-28
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project