Hi,
ipa-cacert-manage must be run as root but does not require any Kerberos
ticket.
You can run the following command to check your directory manager password:
/usr/bin/ldapsearch -h localhost -p 389 -D "cn=directory manager" -w
'#-!???<<' -b "" -s base
If the password is wrong, you will get an output like this one:
ldap_bind: Invalid credentials (49)
Otherwise it means that your DM password is OK.
HTH,
Flo.
On 09/13/2016 01:57 PM, Günther J. Niederwimmer wrote:
Hello,
FreeIPA 4.3.1
I like to install my new Startcom Cert and have a Problem with the access ?
I search and found this
ipa-cacert-manage -p '#-!???<<' -n STARTCOM-ROOT -t C,, install
1_root_bundle.crt
but I become this
Insufficient access: Invalid credentials
The ipa-cacert-manage command failed.
Can I test the "DM" Password with a other command or is this a Problem with
ipa-cacert-manage?
I test it with "kinit admin" and without ?
or is this a Problem with the Password when I write this
ipa-cacert-manage -p #-!???<< -n STARTCOM-ROOT -t C,, install
1_root_bundle.crt
I have this answer
ipa-cacert-manage: error: -p option requires an argument
Thanks for a answer,
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project