[Freeipa-users] scripting question
I'm trying to debug a script that is supposed to auto-setup kerberos for Hadoop. Its not working, and I've boiled down the problem to the fact that for some reason, it wants to use DES as the encryption type. There is no good reason for this, since both freeIPA and Hadoop support modern encryptions, so I want to fix the script. Is there a way for a script to query IPA for the supported encryption types? -- http://www2.charitydynamics.com/site/PageServer?pagename=Boundless_Email_Client -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] buggered 389?
I suddenly started getting errors when I try to use ipa-getkeytab: [root@ipa1 kerberize]# ipa-getkeytab -s jn01 -p hdfs/jn01 -k jn01.hdfs.keytab SASL Bind failed Can't contact LDAP server (-1) ! ldap seems to be answering on the non-SASL port (ei: ldapsearch -x -h localhost CN=richard works fine) but if I don't use the -x, I get: ldapsearch -h localhost CN=richard SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available: I'm kinda at a loss for how to debug this. I'm not really finding any errors in the dirsrv logs, just a warning that my DB is bigger than the cache. I'd appreciate some ideas on where to look. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project