Hello Nathan,
you can file the bug on Red Hat Bugzilla (bugzilla.redhat.com), you can use
this link:
https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%206
Thanks in advance!
Martin
On 09/21/2012 05:53 PM, Nathan Lager wrote:
Sure thing, can you point me to where
: Thursday, September 20, 2012 2:46:20 PM
Subject: Re: [Freeipa-users] sudden ipa errors.
On 09/20/2012 02:28 PM, Rob Crittenden wrote:
Nathan Lager wrote:
On 09/20/2012 11:43 AM, Rob Crittenden wrote:
Lager, Nathan T. wrote:
- Original Message -
From: Rob Crittenden rcrit...@redhat.com
Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/21/2012 10:18 AM, Rob Crittenden wrote:
Lager, Nathan T. wrote:
Well, after all of this, RedHat support just resolved my issue!
It came down the the domain_realm definitions in /etc/krb5.conf.
They had me change:
:
freeipa-users@redhat.com Sent: Thursday, September 20, 2012
2:46:20 PM Subject: Re: [Freeipa-users] sudden ipa errors. On
09/20/2012 02:28 PM, Rob Crittenden wrote:
Nathan Lager wrote:
On 09/20/2012 11:43 AM, Rob Crittenden wrote:
Lager, Nathan T. wrote:
- Original Message
Lager, Nathan T. wrote:
- Original Message -
From: Rob Crittenden rcrit...@redhat.com
To: Nathan Lager lag...@lafayette.edu
Cc: freeipa-users@redhat.com
Sent: Wednesday, September 19, 2012 4:35:30 PM
Subject: Re: [Freeipa-users] sudden ipa errors.
Nathan Lager wrote:
-BEGIN PGP
:
[Freeipa-users] sudden ipa errors. Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 09/19/2012 03:47 PM, Rob Crittenden wrote:
Dmitri Pal wrote:
Rob, keytab and kerberos part seems to be fine, ldap
works too. Can it be one of the certs? May be some cert
expired
On 09/20/2012 11:43 AM, Rob Crittenden wrote:
Lager, Nathan T. wrote:
- Original Message -
From: Rob Crittenden rcrit...@redhat.com To: Nathan Lager
lag...@lafayette.edu Cc: freeipa-users@redhat.com Sent:
Wednesday, September 19, 2012 4:35:30 PM Subject: Re:
[Freeipa-users
: Wednesday, September 19, 2012 4:35:30 PM Subject:
Re: [Freeipa-users] sudden ipa errors. Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 09/19/2012 03:47 PM, Rob Crittenden wrote:
Dmitri Pal wrote:
Rob, keytab and kerberos part seems to be fine, ldap
works too. Can
Message -
From: Nathan Lager lag...@lafayette.edu
To: Rob Crittenden rcrit...@redhat.com
Cc: freeipa-users@redhat.com
Sent: Thursday, September 20, 2012 2:46:20 PM
Subject: Re: [Freeipa-users] sudden ipa errors.
On 09/20/2012 02:28 PM, Rob Crittenden wrote:
Nathan Lager wrote:
On 09/20
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/18/2012 03:06 PM, Nathan Lager wrote:
Sorry for falling off like that.
I opened a RedHat ticket on the issue, and have been running in
circles with them. I forgot to check on the list for responses.
I'm still having problems. Someone
Lager, Nathan T. wrote:
- Original Message -
From: Rob Crittenden rcrit...@redhat.com
To: Nathan Lager lag...@lafayette.edu
Cc: freeipa-users@redhat.com
Sent: Tuesday, September 18, 2012 5:17:00 PM
Subject: Re: [Freeipa-users] sudden ipa errors.
Ok, what are the permissions
:
[Freeipa-users] sudden ipa errors.
Ok, what are the permissions on the keytab,
/etc/httpd/conf/ipa.keytab? They should be apache:apache mode
0600.
[lagern@caroline0 PROD ~]$ ls -lZ /etc/httpd/conf/ipa.keytab
-rw---. apache apache
unconfined_u:object_r:httpd_config_t:s0
/etc/httpd/conf/ipa.keytab
: Tuesday, September 18, 2012 5:17:00 PM Subject: Re:
[Freeipa-users] sudden ipa errors.
Ok, what are the permissions on the keytab,
/etc/httpd/conf/ipa.keytab? They should be apache:apache
mode 0600.
[lagern@caroline0 PROD ~]$ ls -lZ /etc/httpd/conf/ipa.keytab
-rw---. apache apache
@redhat.com
Sent: Tuesday, September 18, 2012 5:17:00 PM Subject: Re:
[Freeipa-users] sudden ipa errors.
Ok, what are the permissions on the keytab,
/etc/httpd/conf/ipa.keytab? They should be apache:apache
mode 0600.
[lagern@caroline0 PROD ~]$ ls -lZ /etc/httpd/conf/ipa.keytab
-rw---. apache apache
-
From: Rob Crittenden rcrit...@redhat.com To:
Nathan Lager lag...@lafayette.edu Cc:
freeipa-users@redhat.com Sent: Tuesday, September 18,
2012 5:17:00 PM Subject: Re: [Freeipa-users] sudden ipa
errors.
Ok, what are the permissions on the keytab,
/etc/httpd/conf/ipa.keytab? They should
, Nathan T. wrote:
- Original Message -
From: Rob Crittenden rcrit...@redhat.com To:
Nathan Lager lag...@lafayette.edu Cc:
freeipa-users@redhat.com Sent: Tuesday, September 18,
2012 5:17:00 PM Subject: Re: [Freeipa-users] sudden ipa
errors.
Ok, what are the permissions
, Rob Crittenden wrote:
Lager, Nathan T. wrote:
- Original Message -
From: Rob Crittenden rcrit...@redhat.com To:
Nathan Lager lag...@lafayette.edu Cc:
freeipa-users@redhat.com Sent: Tuesday, September 18,
2012 5:17:00 PM Subject: Re: [Freeipa-users] sudden ipa
errors
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/19/2012 03:47 PM, Rob Crittenden wrote:
Dmitri Pal wrote:
Rob, keytab and kerberos part seems to be fine, ldap works too.
Can it be one of the certs? May be some cert expired?
No, the error is coming from GSSAPI, it is unfortunately
Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/19/2012 03:47 PM, Rob Crittenden wrote:
Dmitri Pal wrote:
Rob, keytab and kerberos part seems to be fine, ldap works too.
Can it be one of the certs? May be some cert expired?
No, the error is coming from GSSAPI, it
Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sorry for falling off like that.
I opened a RedHat ticket on the issue, and have been running in
circles with them. I forgot to check on the list for responses.
I'm still having problems. Someone suggested I try:
kinit -kt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
IM going to respond inline to avoid confusion.
On 09/18/2012 03:22 PM, Rob Crittenden wrote:
I think we need to start with the basics, so here is a slew of
questions, things to try:
You said you enabled password auth? Did you do this by
Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
IM going to respond inline to avoid confusion.
On 09/18/2012 03:22 PM, Rob Crittenden wrote:
I think we need to start with the basics, so here is a slew of
questions, things to try:
You said you enabled password auth? Did you
- Original Message -
From: Rob Crittenden rcrit...@redhat.com
To: Nathan Lager lag...@lafayette.edu
Cc: freeipa-users@redhat.com
Sent: Tuesday, September 18, 2012 5:17:00 PM
Subject: Re: [Freeipa-users] sudden ipa errors.
Ok, what are the permissions on the keytab,
/etc/httpd
On 08/24/2012 04:43 PM, Rob Crittenden wrote:
Nathan Lager wrote:
This did not seem to help...
What else isn't working? Does the UI work? Do clients on other
machines work? Does user lookup still work?
rob
Was this issue ever resolved?
On 08/22/2012 06:02 PM, Rob Crittenden wrote:
Nathan Lager wrote:
This did not seem to help...
What else isn't working? Does the UI work? Do clients on other machines
work? Does user lookup still work?
rob
On 08/22/2012 06:02 PM, Rob Crittenden wrote:
Nathan Lager wrote:
[root@ipaserver PROD krb5kdc]# ipactl status
Directory
This did not seem to help...
On 08/22/2012 06:02 PM, Rob Crittenden wrote:
Nathan Lager wrote:
[root@ipaserver PROD krb5kdc]# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: RUNNING
MEMCACHE Service: RUNNING
HTTP Service: RUNNING
CA Service: RUNNING
- Original Message -
I have a RHEL ipa server setup and running. Its been running for a
while now, and suddenly, today, i'm having trouble authenticating to
it, or changing my password.
The error i'm getting at the command line is:
[lagern@ipaserver PROD ~]$ ipa passwd
Current
Nathan Lager wrote:
I have a RHEL ipa server setup and running. Its been running for a
while now, and suddenly, today, i'm having trouble authenticating to
it, or changing my password.
The error i'm getting at the command line is:
[lagern@ipaserver PROD ~]$ ipa passwd
Current Password:
New
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I tried the same, kinit, and then ipa passwd commands as before,
here's the output:
Aug 22 14:32:13 ipaserver.lafayette.edu krb5kdc[1438](info): AS_REQ (4
etypes {18 17 16 23}) ipa-servers-ip: NEEDED_PREAUTH:
lag...@systems.lafayette.edu for
Nathan Lager wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I tried the same, kinit, and then ipa passwd commands as before,
here's the output:
Aug 22 14:32:13 ipaserver.lafayette.edu krb5kdc[1438](info): AS_REQ (4
etypes {18 17 16 23}) ipa-servers-ip: NEEDED_PREAUTH:
[root@ipaserver PROD krb5kdc]# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: RUNNING
MEMCACHE Service: RUNNING
HTTP Service: RUNNING
CA Service: RUNNING
[root@ipaserver PROD krb5kdc]# rpm -qa | grep ipa-server
ipa-server-selinux-2.2.0-16.el6.x86_64
Nathan Lager wrote:
[root@ipaserver PROD krb5kdc]# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: RUNNING
MEMCACHE Service: RUNNING
HTTP Service: RUNNING
CA Service: RUNNING
[root@ipaserver PROD krb5kdc]# rpm -qa | grep ipa-server
32 matches
Mail list logo