Yes, that was the issue. I had migrated from an older FreeIPA instance to a
newer one using "ipa migrate-ds" this past summer. I’m not sure why it was
just now causing problems, though. Looking at the “ipaNTSecurityIdentifier”
for all the accounts gave me a pretty good idea as to which users
> Hi,
>
> according to apache documentation in
> https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html#reqgroup, the
> full group DN must be specified:
>
> - 8< -
> Require ldap-group
> This directive specifies an LDAP group whose members are allowed access. It
> takes the
On to, 13 tammi 2022, Dan West via FreeIPA-users wrote:
I am running into a strange issue with a few user accounts where logging into the
web interface gives them the error message "Login failed due to an unknown
reason”. It also prevents them from SSH’ing into IPA bound systems using
I am running into a strange issue with a few user accounts where logging into
the web interface gives them the error message "Login failed due to an unknown
reason”. It also prevents them from SSH’ing into IPA bound systems using
passwords. Pubkeys work fine (as long as it is manually added
On 1/12/22 11:43 AM, Rob Crittenden wrote:
Scott Serr via FreeIPA-users wrote:
Attributes in the Employee Information section of the user web page
are blank following a series of OS/IPA updates.
The "ipa user-find --all" cli command shows these attributes fine.
Specifically (in my case):
On 13.01.22 09:29, Ronald Wimmer via FreeIPA-users wrote:
Today the problem reappeared. I cannot login with the admin user. The
error message I get is "The password or username you entered is
incorrect". kinit also does not work.
It seems that the password has changed somehow without user
Today the problem reappeared. I cannot login with the admin user. The
error message I get is "The password or username you entered is
incorrect". kinit also does not work.
It seems that the password has changed somehow without user interaction.
How can we debug this?
Cheers,
Ronald
On
Hi,
according to apache documentation in
https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html#reqgroup, the
full group DN must be specified:
- 8< -
Require ldap-group
This directive specifies an LDAP group whose members are allowed access. It
takes the distinguished name of the
Hello,
I have an IPA setup and AD trust configured. After we removed an OU from AD ,
on the Linux side the users still show as part of those groups from the OU
removed. I run sss_cache -u on both IPA servers and IPA clients, but the issue
seems to not be solved.
Any idea how those groups can
Hello,
I have an IPA setup and AD trust configured. After we removed an OU from AD ,
on the Linux side the users still show as part of those groups from the OU
removed. I run sss_cache -u on both IPA servers and IPA clients, but the issue
seems to not be solved.
Any idea how those groups can
10 matches
Mail list logo