Hi Kathy
Has anything happen to your dns? It’s reporting “ Cannot contact any KDC for
requested realm”
Which makes me think it’s either a dns or network related issue.
Regards
Per
Sent from my Commodore 64
> 22. sep. 2021 kl. 03:17 skrev Kathy Zhu via FreeIPA-users
> :
>
> Cannot conta
Hi François,
The IPA server is a VMware virtual host. I have NTP configured on all IPA
servers and monitor NTP service as well. I do not manage the VMware infra
myself, I will check my coworker and get back to you.
The software versions:
Centos 7-8.2003.0 SELinux enabled
ipa-server.x86_644.
Hi François,
It is confirmed that the VM host is configured with NTP. Now I need to dig
into the reason for the time gap. Thank you so much for pointing it out.
Thanks.
Kathy.
On Wed, Sep 22, 2021 at 8:27 AM Kathy Zhu wrote:
> Hi François,
>
> The IPA server is a VMware virtual host. I have NT
> Florence Renaud via FreeIPA-users wrote:
> IIRC some browsers, notably on Windows, when the initial GSSAPI
> handshake fails because there is no ticket, may either throw an error
> because they are trying NTLM auth or don't understand the basic fallback.
>
> What browser(s) are you seeing the is
Hello,
I can also confirm this is a normal occurrence on Windows while using
Chrome and Edge. Firefox, however, does not do this. It is a bit confusing
for new users of IPA as they will generally treat it as a login prompt,
although it doesn't do anything for them. I have been curious about this
p
Hi François,
I noticed that the previous time 1629054212 in the following two log
entries are the same! I wonder if there is a fixed time instead of a
wrong clock?
Thanks!
Kathy.
[21/Sep/2021:11:37:29.469422032 -0700] - INFO - csngen_new_csn - Detected
large jump in CSN time. Delta: 3195237 (
On ke, 22 syys 2021, Cutright, Jacob via FreeIPA-users wrote:
Hello,
I can also confirm this is a normal occurrence on Windows while using
Chrome and Edge. Firefox, however, does not do this. It is a bit confusing
for new users of IPA as they will generally treat it as a login prompt,
although i
Hello,
I'm looking forward to add 2FA, SAML2 & OIDC interfaces to my
authentication services running on FreeIPA. Are there any recommended
integrations?.
I'm thinking about implementing Authelia or Keycloak. My main concern is
the first forced password change & following password expirations (sho
Lemonldap maybe?
On Thu, Sep 23, 2021, 01:23 Ciro Iriarte wrote:
> Hello,
>
> I'm looking forward to add 2FA, SAML2 & OIDC interfaces to my
> authentication services running on FreeIPA. Are there any recommended
> integrations?.
>
> I'm thinking about implementing Authelia or Keycloak. My main c
