[ Sent just to the list. Hopefully Martin is on it. ] On Thu, 2016-12-22 at 10:06 +0100, Martin Babinsky wrote: > > Hi Brian,
Hi Martin, > DS should use /etc/sysconfig/dirsrv to set its KRB5_KTNAME env > variable > to /etc/dirsrv/ds.keytab. Ah-ha! This was the problem. When I upgraded from 4.2 to 4.4 as part of my CentOS upgrade I pulled up the config file changes (i.e. those usually in .rpmnew file) because I like to keep the config files up-to-date with the package. But when I did so, the KRB5_KTNAME setting got dropped. :-( > Can you please verify that /etc/sysconfig/dirsrv file exists and that > it > contains the following lines?: > > KRB5_CCNAME=/tmp/krb5cc_389 This is actually KRB5CCNAME in my config file. > KRB5_KTNAME=/etc/dirsrv/ds.keytab > > > If not, please add this line to the file, restart dirsrv and try IPA > commands again. That worked. Thanks so much! Cheers, b.
signature.asc
Description: This is a digitally signed message part
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
