[Freeipa-users] sudden ipa errors.

[Rob Crittenden]

Nathan Lager wrote:
> This did not seem to help...
>

What else isn't working? Does the UI work? Do clients on other machines 
work? Does user lookup still work?

rob

>
> On 08/22/2012 06:02 PM, Rob Crittenden wrote:
>> Nathan Lager wrote:
>>> [root at ipaserver PROD krb5kdc]# ipactl status
>>> Directory Service: RUNNING
>>> KDC Service: RUNNING
>>> KPASSWD Service: RUNNING
>>> MEMCACHE Service: RUNNING
>>> HTTP Service: RUNNING
>>> CA Service: RUNNING
>>> [root at ipaserver PROD krb5kdc]# rpm -qa | grep ipa-server
>>> ipa-server-selinux-2.2.0-16.el6.x86_64
>>> ipa-server-2.2.0-16.el6.x86_64
>>
>> I'd try removing /tmp/krb5cc_48. This is the ccache used by Apache for
>> doing S4U2Proxy. No restart of httpd should be required.
>>
>> rob
>>
>>>
>>>
>>> On 08/22/2012 04:08 PM, Rob Crittenden wrote:
>>>> Nathan Lager wrote:
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>> Hash: SHA1
>>>>>
>>>>> I tried the same, kinit, and then ipa passwd commands as before,
>>>>> here's the output:
>>>>>
>>>>> Aug 22 14:32:13 ipaserver.lafayette.edu krb5kdc[1438](info): AS_REQ (4
>>>>> etypes {18 17 16 23}) ipa-servers-ip: NEEDED_PREAUTH:
>>>>> lagern at SYSTEMS.LAFAYETTE.EDU for
>>>>> krbtgt/SYSTEMS.LAFAYETTE.EDU at SYSTEMS.LAFAYETTE.EDU, Additional
>>>>> pre-authentication required
>>>>>
>>>>> Aug 22 14:32:19 ipaserver.lafayette.edu krb5kdc[1438](info): AS_REQ (4
>>>>> etypes {18 17 16 23}) ipa-servers-ip: ISSUE: authtime 1345660339,
>>>>> etypes {rep=18 tkt=18 ses=18}, lagern at SYSTEMS.LAFAYETTE.EDU for
>>>>> krbtgt/SYSTEMS.LAFAYETTE.EDU at SYSTEMS.LAFAYETTE.EDU
>>>>>
>>>>> Aug 22 14:32:35 ipaserver.lafayette.edu krb5kdc[1438](info): TGS_REQ
>>>>> (4 etypes {18 17 16 23}) ipa-servers-ip: ISSUE: authtime 1345660339,
>>>>> etypes {rep=18 tkt=18 ses=18}, lagern at SYSTEMS.LAFAYETTE.EDU for
>>>>> HTTP/ipaserver.lafayette.edu at SYSTEMS.LAFAYETTE.EDU
>>>>
>>>> What version of IPA is this?
>>>>
>>>> Does ipactl status show all services up?
>>>>
>>>> rob
>>>
>>>
>>
>>
>