[Freeipa-users] Password token manipulation errors after upgrade
Ian Levesque
ian at crystal.harvard.edu
Wed Jan 4 23:45:59 UTC 2012
Figured out the problem. For future reference, a more informative log entry appeared in /var/log/dirsrv/slapd-<domain>/errors:
Entry "uid=ian,cn=users,cn=accounts,dc=sbgrid,dc=org" has unknown object class "radiusprofile"
Sure enough, when I upgraded our old (v1) FreeIPA server I had to add some schema because "radiusprofile" was a previously-included objectClass. I guess the upgraded server didn't include that schema. After ldapmodifying the user accounts to remove that objectClass, we're back in business.
~irl
On Jan 4, 2012, at 6:32 PM, Ian Levesque wrote:
> Hello,
>
> I've upgraded a FreeIPA server to RHEL 6.2 (from 6.1), putting me at version 2.1.3-9. Since the upgrade, I haven't been able to change any existing passwords, all I get is an "Authentication token manipulation error". Newly-created accounts don't have this problem. I /can/ login using my existing password, but one user's password is expired and is effectively locked out until I can figure this out. Any ideas?
>
> Best,
> Ian
More information about the Freeipa-users
mailing list