FreeIPA-users February 2021

freeipa-users@lists.fedorahosted.org

44 participants
72 discussions

by Kiselev Mikhail

I met with the problem that the user cannot update his own password ipa user-show new User login: new First name: new Last name: new Home directory: /home/new Login shell: /bin/bash Principal name: new(a)OPENTECH.LOCAL Principal alias: new(a)OPENTECH.LOCAL Email address: new(a)e2e4online.ru UID: 346726108 GID: 100 Account disabled: False Password: True Member of groups: ipausers, users Indirect Member of group: jira_users, grafana_users, asterisk_users, perspectiva_rdp, bamboo_users, nexus_users, bitbucket_users, moodle_users, harbor_users, inkass_rdp, desktop, confluence_users, jenkins_users, maven_users, ivideon_users, chat_users, mail_users, nextcloud_users Indirect Member of HBAC rule: login_users Kerberos keys available: True ipa user-status new ----------------------- Account disabled: False ----------------------- Server: ipareplica1.opentech.local Failed logins: 0 Last successful authentication: N/A Last failed authentication: N/A Time now: 2021-01-12T06:58:47Z Server: ipareplica2.opentech.local Failed logins: 0 Last successful authentication: N/A Last failed authentication: N/A Time now: 2021-01-12T06:58:47Z Server: ipa.opentech.local Failed logins: 0 Last successful authentication: N/A Last failed authentication: N/A Time now: 2021-01-12T06:58:47Z ---------------------------- Number of entries returned 3 ---------------------------- ipa -vv passwd ipa: INFO: trying https://ipa.opentech.local/ipa/session/json ipa: INFO: Request: { "id": 0, "method": "ping", "params": [ [], {} ] } ipa: INFO: Response: { "error": null, "id": 0, "principal": "new(a)OPENTECH.LOCAL", "result": { "messages": [ { "code": 13001, "data": { "server_version": "2.231" }, "message": "API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.231", "name": "VersionMissing", "type": "warning" } ], "summary": "IPA server version 4.6.6. API version 2.231" }, "version": "4.6.6" } ipa: INFO: [try 1]: Forwarding 'command_defaults/1' to json server 'https://ipa.opentech.local/ipa/session/json' ipa: INFO: Request: { "id": 0, "method": "command_defaults/1", "params": [ [ "passwd/1" ], { "kw": null, "params": [ "principal" ], "version": "2.231" } ] } ipa: INFO: Response: { "error": null, "id": 0, "principal": "new(a)OPENTECH.LOCAL", "result": { "result": { "principal": "new(a)OPENTECH.LOCAL" } }, "version": "4.6.6" } ipa: INFO: [try 1]: Forwarding 'command_defaults/1' to json server 'https://ipa.opentech.local/ipa/session/json' ipa: INFO: Request: { "id": 0, "method": "command_defaults/1", "params": [ [ "passwd/1" ], { "kw": { "principal": "new(a)OPENTECH.LOCAL" }, "params": [ "current_password" ], "version": "2.231" } ] } ipa: INFO: Response: { "error": null, "id": 0, "principal": "new(a)OPENTECH.LOCAL", "result": { "result": {} }, "version": "4.6.6" } Current Password: New Password: Enter New Password again to verify: ipa: INFO: [try 1]: Forwarding 'command_defaults/1' to json server 'https://ipa.opentech.local/ipa/session/json' ipa: INFO: Request: { "id": 0, "method": "command_defaults/1", "params": [ [ "passwd/1" ], { "kw": null, "params": [ "principal" ], "version": "2.231" } ] } ipa: INFO: Response: { "error": null, "id": 0, "principal": "new(a)OPENTECH.LOCAL", "result": { "result": { "principal": "new(a)OPENTECH.LOCAL" } }, "version": "4.6.6" } ipa: INFO: [try 1]: Forwarding 'passwd/1' to json server 'https://ipa.opentech.local/ipa/session/json' ipa: INFO: Request: { "id": 0, "method": "passwd/1", "params": [ [], { "current_password": "test", "password": "123", "version": "2.231" } ] } ipa: INFO: Response: { "error": { "code": 2100, "data": { "info": "Insufficient access rights" }, "message": "Insufficient access: Insufficient access rights", "name": "ACIError" }, "id": 0, "principal": "new(a)OPENTECH.LOCAL", "result": null, "version": "4.6.6" } ipa: ERROR: Insufficient access: Insufficient access rights

3 years, 2 months

3
3
0 / 0

389ds replication - ERR - slapi_ldap_bind - Could not send bind request for id

by lejeczek

Hi guys, I'm trying to set up replication for a non-IPA database following RHEL's docs, I'm on Centos Stream, and I get errors: .... [01/Feb/2021:11:25:38.854769282 +0000] - ERR - slapi_ldap_bind - Could not send bind request for id [cn=replication manager,cn=config] authentication mechanism [SIMPLE]: error -1 (Can't contact LDAP server), system error -5987 (Invalid function argument.), network error 0 (Unknown error, host "dzien.private:636") [01/Feb/2021:11:25:38.856822436 +0000] - ERR - NSMMReplicationPlugin - bind_and_check_pwp - agmt="cn=swir-dzien-agreement" (dzien:636) - Replication bind with SIMPLE auth failed: LDAP error -1 (Can't contact LDAP server) (error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding) [01/Feb/2021:11:25:41.874045655 +0000] - ERR - slapi_ldap_bind - Could not send bind request for id [cn=replication manager,cn=config] authentication mechanism [SIMPLE]: error -1 (Can't contact LDAP server), system error -5987 (Invalid function argument.), network error 0 (Unknown error, host "dzien.private:636") ... Instructions seem rather solid & easy to follow. What am I missing when you look at the errors? many thanks, L.

3 years, 2 months

3
7
0 / 0

← Newer
1
2
3
4
5
6
7
8
Older →

2024

2023

2022

2021

2020

2019

2018

2017

FreeIPA-users February 2021