Re: [Freeipa-users] Revisiting ILO
On 11/05/2013 02:51 PM, KodaK wrote: If I use the whole connection string: uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com I can authenticate. Does this count as SOLVED? If so can you please reply with the SOLVED in the subject? On Tue, Nov 5, 2013 at 1:40 PM, KodaK sako...@gmail.com mailto:sako...@gmail.com wrote: I'm attempting to get HP ILO authenticating against IPA again. I've configured the user context in ILO as: cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com When ILO tries to connect, it sends the string: CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com Which, of course, doesn't exist. IPA uses uid=username, but as far as I can tell I can't tell ILO to use a different username attribute. It doesn't even look like it's trying to use a username attribute. I've tried to force it to look for uid=jebalicki by using uid=jebalicki in the login field, but that fails too. The errors in the errors log look like this: [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry
[Freeipa-users] Revisiting ILO
I'm attempting to get HP ILO authenticating against IPA again. I've configured the user context in ILO as: cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com When ILO tries to connect, it sends the string: CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com Which, of course, doesn't exist. IPA uses uid=username, but as far as I can tell I can't tell ILO to use a different username attribute. It doesn't even look like it's trying to use a username attribute. I've tried to force it to look for uid=jebalicki by using uid=jebalicki in the login field, but that fails too. The errors in the errors log look like this: [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 And the access log looks like this: [05/Nov/2013:13:32:06 -0600] conn=214941 fd=438 slot=438 SSL connection from 10.200.10.192 to 10.200.16.170 [05/Nov/2013:13:32:06 -0600] conn=214941 SSL 256-bit AES [05/Nov/2013:13:32:06 -0600] conn=214941 op=0 BIND dn=uid=jebalicki method=128 version=2 [05/Nov/2013:13:32:06 -0600] conn=214941 op=0 RESULT err=32 tag=97 nentries=0 etime=0 [05/Nov/2013:13:32:06 -0600] conn=214941 op=1 BIND dn=CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com method=128 version=2 [05/Nov/2013:13:32:07 -0600] conn=214941 op=1 RESULT err=32 tag=97 nentries=0 etime=1 [05/Nov/2013:13:32:07 -0600] conn=214941 op=2 UNBIND [05/Nov/2013:13:32:07 -0600] conn=214941 op=2 fd=438 closed - U1 [05/Nov/2013:13:32:07
Re: [Freeipa-users] Revisiting ILO
If I use the whole connection string: uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com I can authenticate. On Tue, Nov 5, 2013 at 1:40 PM, KodaK sako...@gmail.com wrote: I'm attempting to get HP ILO authenticating against IPA again. I've configured the user context in ILO as: cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com When ILO tries to connect, it sends the string: CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com Which, of course, doesn't exist. IPA uses uid=username, but as far as I can tell I can't tell ILO to use a different username attribute. It doesn't even look like it's trying to use a username attribute. I've tried to force it to look for uid=jebalicki by using uid=jebalicki in the login field, but that fails too. The errors in the errors log look like this: [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry jebalicki: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:22:05 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry uid=jebalicki: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_preop - [file ipa_lockout.c, line 645]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 [05/Nov/2013:13:27:39 -0600] ipalockout_postop - [file ipa_lockout.c, line 421]: Failed to retrieve entry CN=uid=jebalicki,cn=users,cn=accounts,dc=unix,dc=magellanhealth,dc=com: 32 And the access log looks like this: [05/Nov/2013:13:32:06 -0600] conn=214941 fd=438 slot=438 SSL connection from 10.200.10.192 to 10.200.16.170 [05/Nov/2013:13:32:06 -0600] conn=214941 SSL 256-bit AES [05/Nov/2013:13:32:06 -0600] conn=214941 op=0 BIND dn=uid=jebalicki method=128 version=2 [05/Nov/2013:13:32:06 -0600] conn=214941 op=0 RESULT err=32 tag=97 nentries=0 etime=0 [05/Nov/2013:13:32:06 -0600] conn=214941 op=1 BIND
