[Freeipa-users] Re: Need help with confusing query results

2022-01-31 Thread Edward Valley via FreeIPA-users
Hi Thierry, Do you want the output of: ldapsearch -LLL -h localhost -x -D "cn=Directory Manager" -w "..." \ -b "cn=users,cn=accounts,dc=..." '(uid=user1)' '*' Or are you talking about something else? Thanks ___ FreeIPA-users mailing list --

[Freeipa-users] 'transportCert cert-pki-kra' mix up

2022-01-31 Thread GH via FreeIPA-users
I've got two ancient (3.1?) IPA servers that have been upgraded over time. Last January things got really goofy with certificates and I got it all sorted. However, now I've got an old issue creeping back in. The 'transportCert cert-pki-kra' is mismatched between the CS.cfg and the tracked

[Freeipa-users] Re: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread code bugs via FreeIPA-users
Thank you Rob, I am having exactly the same problem. On Tue, Feb 1, 2022 at 12:55 AM Rob Crittenden wrote: > code bugs via FreeIPA-users wrote: > > Thank you for your prompt response. > > here is the out put of /var/log/krb5kdc.log during my login attempt. > [snip] > > Feb 01 00:25:44

[Freeipa-users] Re: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread code bugs via FreeIPA-users
Thanks Alexander, looks like the same problem. On Tue, Feb 1, 2022 at 12:59 AM Alexander Bokovoy wrote: > On Вт, 01 фев 2022, code bugs wrote: > >Thank you for your prompt response. > >here is the out put of /var/log/krb5kdc.log during my login attempt. > > > >Feb 01 00:25:10 ipa1.example.com

[Freeipa-users] Re: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread Alexander Bokovoy via FreeIPA-users
On Вт, 01 фев 2022, code bugs wrote: Thank you for your prompt response. here is the out put of /var/log/krb5kdc.log during my login attempt. Feb 01 00:25:10 ipa1.example.com krb5kdc[3755](info): AS_REQ (6 etypes {aes256-cts-hmac-sha1-96(18), camellia256-cts-cmac(26),

[Freeipa-users] Re: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread Rob Crittenden via FreeIPA-users
code bugs via FreeIPA-users wrote: > Thank you for your prompt response. > here is the out put of /var/log/krb5kdc.log during my login attempt. [snip] > Feb 01 00:25:44 ipa1.example.com > krb5kdc[3754](Error): PAC issue: PAC record claims domain SID different > to local

[Freeipa-users] Re: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread code bugs via FreeIPA-users
Thank you for your prompt response. here is the out put of /var/log/krb5kdc.log during my login attempt. Feb 01 00:25:10 ipa1.example.com krb5kdc[3755](info): AS_REQ (6 etypes {aes256-cts-hmac-sha1-96(18), camellia256-cts-cmac(26), aes128-cts-hmac-sha1-96(17), camellia128-cts-cmac(25),

[Freeipa-users] Re: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread Alexander Bokovoy via FreeIPA-users
On la, 29 tammi 2022, code bugs via FreeIPA-users wrote: Hello, -IPA WebGUI login fails with "Login failed due to an unknown reason" -After upgrading IPA, can no longer log into the WebGUI Version/Release/Distribution $ cat /etc/centos-release CentOS Linux release 8.5.2111 $ rpm -q

[Freeipa-users] Fwd: IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread code bugs via FreeIPA-users
Hello, I am having an issue after upgrading the IPA. details are as follows. -IPA WebGUI login fails with "Login failed due to an unknown reason" -After upgrading IPA, can no longer log into the WebGUI Version/Release/Distribution $ cat /etc/centos-release CentOS Linux release 8.5.2111 $ rpm -q

[Freeipa-users] IPA WebGUI login fails with "Login failed due to an unknown reason"

2022-01-31 Thread code bugs via FreeIPA-users
Hello, -IPA WebGUI login fails with "Login failed due to an unknown reason" -After upgrading IPA, can no longer log into the WebGUI Version/Release/Distribution $ cat /etc/centos-release CentOS Linux release 8.5.2111 $ rpm -q freeipa-server freeipa-client ipa-server ipa-client 389-ds-base pki-ca

[Freeipa-users] Re: freeipa with sudo and 2FA (OTP)

2022-01-31 Thread kolev rub via FreeIPA-users
Many thanks! ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List

[Freeipa-users] Re: missing attribute "krbPrincipalName" required by object class "ipaKrbPrincipal"

2022-01-31 Thread Florence Blanc-Renaud via FreeIPA-users
Hi this error is also a known issue, #8865 [Tracker] ipa-replica-install fails on 2nd run (f35+) / #3544 ipa-replica-install fails to reinstall a replica (rawhide) It's been fixed with pki updates

[Freeipa-users] Re: Need help with confusing query results

2022-01-31 Thread Thierry Bordaz via FreeIPA-users
Hi Edward, It is looking the fixup task stop upon the first error. I do not know if it is intentional or a bug. The error is possibly related to schema checking, could you send the ldif format of entry 'uid=user1, cn=users,...' ? regards thierry On 1/29/22 11:36 PM, Edward Valley via