account is expired message
Scott Z. via FreeIPA-users wrote:
> It's happened 5 or 6 times over the past year that users attempting to
> log in to various Linux servers (using our IdM servers for
> authentication) are unable to do so. When we look in the
> /var/log/secure file on the c
It's happened 5 or 6 times over the past year that users attempting to log in
to various Linux servers (using our IdM servers for authentication) are unable
to do so. When we look in the /var/log/secure file on the client servers, we
see messages that look like this:
pam_unix(sshd:auth): authen
g funky 🙁
From: Fraser Tweedale
Sent: Wednesday, August 12, 2020 6:02 PM
To: FreeIPA users list
Cc: Rob Crittenden ; Florence Blanc-Renaud
; Alexander Scheel ; Scott Z.
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
On Thu, Aug 13, 2020 at 02:43:33A
t 12, 2020 6:02 PM
To: FreeIPA users list
Cc: Rob Crittenden ; Florence Blanc-Renaud
; Alexander Scheel ; Scott Z.
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
On Thu, Aug 13, 2020 at 02:43:33AM +, Scott Z. via FreeIPA-users wrote:
> Just in case it helps to narrow things down a
Blanc-Renaud
Cc: Scott Z. ; Alexander Scheel
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
Scott Z. via FreeIPA-users wrote:
> Just so I'm not confusing the various servers and roles they play in
> case it impacts what I'm doing (also, in case it matters, these ar
eeIPA (4.5.4).
Scott
From: Rob Crittenden
Sent: Tuesday, August 11, 2020 4:01 PM
To: FreeIPA users list ; Florence
Blanc-Renaud
Cc: Scott Z. ; Alexander Scheel
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
Scott Z. via FreeIPA-users wrote:
> Just so I'm not confusing t
#x27;m assuming it's having a problem doing because its own
cert is already expired?
Scott
From: Rob Crittenden
Sent: Tuesday, August 11, 2020 9:07 AM
To: FreeIPA users list ; Florence
Blanc-Renaud
Cc: Scott Z.
Subject: Re: [Freeipa-users] Re: pki-tomcat
ay, August 11, 2020 9:07 AM
To: FreeIPA users list ; Florence
Blanc-Renaud
Cc: Scott Z.
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
Scott Z. via FreeIPA-users wrote:
> Adding the "NSSEnforceValidCerts off" definitely got me past the HTTPD
> error. It started up an
t dirsrv@slapd-DOMAIN-COM
> which would produce the error you're seeing.
>
> flo
>
>> Not sure now how to proceed at this point.
>>
>> BTW, I have decided that once I get through this slog and have a working
>> server again, I'm going to donate $50 to th
slapd-DOMAIN-COM
which would produce the error you're seeing.
flo
> Not sure now how to proceed at this point.
>
> BTW, I have decided that once I get through this slog and have a working
> server again, I'm going to donate $50 to the Hawaiian Food Bank or the
> charity of your choice in appreciation.
> Scott
>
>
>
Blanc-Renaud
Sent: Monday, August 10, 2020 8:55 PM
To: FreeIPA users list ; Rob Crittenden
Cc: Scott Z.
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
On 8/10/20 11:46 PM, Scott Z. via FreeIPA-users wrote:
> I stopped the ntp service with the command "timedatectl set_ntp
any Mahalos for your continued support and patience!
Scott
From: Rob Crittenden
Sent: Monday, August 10, 2020 11:36 AM
To: FreeIPA users list ; Florence
Blanc-Renaud
Cc: Scott Z.
Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting
Scott Z. via FreeI
cking on the cert with "getcert list
-i ", it shows "status: CA_REJECTED", and "stuck: yes".
Any additional thoughts or help would be greatly appreciated! And thanks for
the help so far.
Scott
From: Scott Z. via FreeIPA-users
Sent: Mo
cott
>
> ----------------
> *From:* Florence Blanc-Renaud
> *Sent:* Thursday, August 6, 2020 2:46 AM
> *To:* FreeIPA users list
> *Cc:* Scott Z.
> *Subject:* Re: [Freeipa-users] Re: pki-tomcatd not starting
> On 8/6/
DB',pinfile='/etc/httpd/alias/pwdfile.txt'
certificate:
type=NSSDB,location='/etc/dirsrv/slapd-',nickname='Server-Cert',token='NSS
Certificate DB'
CA: IPA
issuer: CN=Certificate Authority,O=
subject: CN=,O=
expires: 2021-09-09 19:51:45 UTC
principal name: HTT
Renaud
Sent: Monday, August 3, 2020 9:34 PM
To: FreeIPA users list
Cc: Scott Z.
Subject: Re: [Freeipa-users] pki-tomcatd not starting
On 8/3/20 10:14 PM, Scott Z. via FreeIPA-users wrote:
> Not sure I'm sending this to the right place, but here it goes. I
> inherited a FreeIPA/Identity Man
Not sure I'm sending this to the right place, but here it goes. I inherited a
FreeIPA/Identity Manager setup in an enclave (no internet access) environment
that is running into problems. There are at least 3 different IdM servers
running in the environment spread out across different geographi
17 matches
Mail list logo