On 05/14/2018 01:29 PM, Alexander Bokovoy wrote:
Talking with Simo, we realized that since we are using random salt for
all IPA principals, you need to know the salt when creating a keytab
entry. You only can retrieve that via KRB5_TRACE for kinit like I did in
https://paste.fedoraproject.org/pas
Greetings,
I am trying to follow steps at https://kb.iu.edu/d/aumh to create
freeipa admin keytab to use in some scripts but getting an error
kinit: Preauthentication failed while getting initial credentials
Does anyone know what I am missing here?
Thanks,
Josh.
$ ktutil
ktutil: addent -pa
On 05/12/2018 01:53 AM, Alexander Bokovoy wrote:
On pe, 11 touko 2018, Josh wrote:
On 05/11/2018 01:19 AM, Alexander Bokovoy wrote:
On to, 10 touko 2018, Josh via FreeIPA-users wrote:
Server certificate has expired and all ipa utilities fail.
Could you please stay on topic and explain if you
On 05/11/2018 01:19 AM, Alexander Bokovoy wrote:
On to, 10 touko 2018, Josh via FreeIPA-users wrote:
Server certificate has expired and all ipa utilities fail.
Could you please stay on topic and explain if you can why ktutil
can't be used as described in https://kb.iu.edu/d/aumh?
Doe
On 05/10/2018 02:21 PM, Robbie Harwood wrote:
None via FreeIPA-users writes:
Josh writes:
Destroy the keytab. Recreate using ipa-getkeytab.
I can't use ipa-getkeytab at the moment. Is getting keytab via ktutil
not possible at all? Any technical details about it?
How can you use ktutil bu
On 05/10/2018 10:26 AM, Rob Crittenden wrote:
Josh via FreeIPA-users wrote:
Greetings,
I am trying to follow steps at https://kb.iu.edu/d/aumh to create
freeipa admin keytab to use in some scripts but getting an error
kinit: Preauthentication failed while getting initial credentials
This
Greetings,
I am trying to follow steps at https://kb.iu.edu/d/aumh to create
freeipa admin keytab to use in some scripts but getting an error
kinit: Preauthentication failed while getting initial credentials
Does anyone know what I am missing here?
Thanks,
Josh.
PS. attempt to include detai
On 10/10/2017 04:31 PM, Rob Crittenden wrote:
Josh wrote:
Greetings to all,
A follow up on
https://www.redhat.com/archives/freeipa-users/2017-January/msg00051.html
I missed expiration date and now ipa-certupdate command fails with SSL:
CERTIFICATE_VERIFY_FAILED.
Should I update httpd certific
Greetings to all,
A follow up on
https://www.redhat.com/archives/freeipa-users/2017-January/msg00051.html
I missed expiration date and now ipa-certupdate command fails with SSL:
CERTIFICATE_VERIFY_FAILED.
Should I update httpd certificate manually or there is a workaround to
allow ipa-cert
