[Freeipa-users] Re: Authentication failures on a RHEL 9.2 IPA server

2023-05-12 Thread Sam Morris via FreeIPA-users
On Fri, May 12, 2023 at 03:45:55PM +0300, Alexander Bokovoy via FreeIPA-users wrote:
> Correct, run the task, it will produce some output in the dirsrv errorlog.
Ok: I tried to run this on the problematic server, but it seems that this problem also stops the ipa command working there (I forwarded

[Freeipa-users] Re: IDView problem

2023-05-12 Thread Ronald Wimmer via FreeIPA-users
On 12.05.23 11:35, Florence Blanc-Renaud via FreeIPA-users wrote:
> Hi, can you provide more details? Did you use the "Default Trust View" idview or did you create another one? Which attributes did you override for your AD user?
Of course I can. I should have provided more info in the first p

[Freeipa-users] When a cert-profile doesn't exist and can't see it but IPA thinks it does - how to correct?

2023-05-12 Thread Nicholas Cross via FreeIPA-users
We found that we have a cert profile that was deleted in the ui and then we attempted to re-create it, but it will not.
ipa: ERROR: Request failed with status 409: Non-2xx response from CA REST API: 409. Unable to create profile: Profile already exists
The profile does not show in the UI or via

[Freeipa-users] Re: Authentication failures on a RHEL 9.2 IPA server

2023-05-12 Thread Yavor Marinov via FreeIPA-users
Hello, I had a similar issue with alma9/ipa 4.10 server and wasn't able to authenticate on specific resources (virtual machines) and my problem was that on some of them (debians) there was a missing configuration for hostname. On other parts of infra (alma8/9) the issue was out of sync clock - had

[Freeipa-users] Re: Authentication failures on a RHEL 9.2 IPA server

2023-05-12 Thread Alexander Bokovoy via FreeIPA-users
Correct, run the task, it will produce some output in the dirsrv errorlog.
On Friday, May 12, 2023, Sam Morris wrote:
> On Fri, May 12, 2023 at 02:32:48PM +0300, Alexander Bokovoy via FreeIPA-users wrote:
>> Please check whether this user had SID from IPA domain. There might also be
>> a problem

[Freeipa-users] Re: Authentication failures on a RHEL 9.2 IPA server

2023-05-12 Thread Sam Morris via FreeIPA-users
On Fri, May 12, 2023 at 02:32:48PM +0300, Alexander Bokovoy via FreeIPA-users wrote:
> Please check whether this user had SID from IPA domain. There might also be
> a problem allocating SIDs, due to incorrect or missing ID range for this
> user's POSIX ID. In that case there could be sidgen plugin

[Freeipa-users] Re: Authentication failures on a RHEL 9.2 IPA server

2023-05-12 Thread Alexander Bokovoy via FreeIPA-users
Please check whether this user had SID from IPA domain. There might also be a problem allocating SIDs, due to incorrect or missing ID range for this user's POSIX ID. In that case there could be sidgen plugin errors in dirsrv errorlog.
Sorry for top post, I'm traveling back from SambaXP...
On Frid

[Freeipa-users] Authentication failures on a RHEL 9.2 IPA server

2023-05-12 Thread Sam Morris via FreeIPA-users
Hi folks. This morning I found that one of my IPA servers no longer wants to authenticate any users (specifically, it doesn't want to issue any TGTs to users). It's a fully updated RHEL 9 server; I am sure this has only been a problem since upgrading to RHEL 9.2 (see my remarks about krb5kdc.log b

[Freeipa-users] Re: IDView problem

2023-05-12 Thread Florence Blanc-Renaud via FreeIPA-users
Hi, can you provide more details? Did you use the "Default Trust View" idview or did you create another one? Which attributes did you override for your AD user?
flo
On Thu, May 11, 2023 at 11:02 AM Ronald Wimmer via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote:
> I tried to apply