Sunnerstig; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Kerberos delegation error on replica
Johan Sunnerstig wrote:
Hi.
I have two IPA servers in a multi master setup, running IPA 3.0.
They've been working fine for the last ~16 months and started life as 2.2
servers.
Recently
etypes {18 17
16 23}) x.x.x.x: NOT_ALLOWED_TO_DELEGATE: authtime 0,
HTTP/ipa1.domain@domain.tld for ldap/ipa2.domain@domain.tld, No such
file or directory
Any help would be appreciated.
Regards
Johan Sunnerstig
___
Freeipa-users mailing list
Sorce wrote:
On Fri, 2012-11-02 at 08:38 +, Johan Sunnerstig wrote:
Looks a lot like a problem I have as well.
Check out the /proc/xxx/fd directory of the dirsrv process for your
IPA realm, in my case it's full of dead pointers to
/var/tmp/ldap_xxx where xxx will be the same on one IPA
Looks a lot like a problem I have as well.
Check out the /proc/xxx/fd directory of the dirsrv process for your IPA realm,
in my case it's full of dead pointers to /var/tmp/ldap_xxx where xxx will be
the same on one IPA server(I have two in a multi-master setup).
These don't clear out until I
