Zulkifal Ahmad wrote:
Hi Experts , I am trying to run a script from a remote server which creates user principals and generate keytabs on my ipa server installed on CentOS6.5 ipav3 . The issue that I am getting is that when i run the same script from the terminal of the remote server it runs fine and retrieves the keytabs but when it is ran from a webUI of the remote server it gives me an error. " ipa: Error: did not receive kerberos credentials " . FYI my client/remote server is a part of the ipa domain and has the same version of ipa client installed i.e v3.
Because on your local terminal you have a valid ticket when you run it, but running within the web server it doesn't unless you explicitly do a kinit (or delegate the TGT from the requesting web browser).
This procedure was tested on an ordinary MIT Kerberos server and runs with no issues.
Using what tool? I'm guessing you used kadmin or kadmin.local which is an apples to orange comparison.
rob _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
