Hi folks,
We've got an unusual issue that has started to occur recently when trying to view the
Users tab in FreeIPA. Trying to load the page (and display all users) results in a popup
with title "HTTP Error 404" and the text "Cannot connect to the server,
please check API accesibility (certificate, API, proxy, etc.)". This error appears
after "Working" has been displaying for 60 seconds, so it appears to be a
timeout despite the 404 indication.
If we _search_ for a user, any users matching the search term are returned correctly in
the UI. Only when no search is applied do we see the error. Hosts and groups also display
correctly, though any sub page where all users are listed experiences the same issue (such
as parts of Automember). We're able to list all users correctly with "ipa
user-find --all".
There are no relevant browser errors (there's what appears to be an unrelated 404
error about a minified JS file). There doesn't seem to be anything useful in
/var/log/messages or /var/log/ipa*, though /var/log/httpd/error_log contains the following
after a failed lookup:
[Wed Jul 17 15:24:18.475814 2019] [:error] [pid 5383] ipa: DEBUG: WSGI
wsgi_dispatch.__call__:
[Wed Jul 17 15:24:18.475891 2019] [:error] [pid 5383] ipa: DEBUG: WSGI
jsonserver_session.__call__:
[Wed Jul 17 15:24:18.484387 2019] [:error] [pid 5383] ipa: DEBUG: Created connection
context.ldap2_139831284142928
[Wed Jul 17 15:24:18.484471 2019] [:error] [pid 5383] ipa: DEBUG: WSGI
jsonserver.__call__:
[Wed Jul 17 15:24:18.484520 2019] [:error] [pid 5383] ipa: DEBUG: WSGI
WSGIExecutioner.__call__:
[Wed Jul 17 15:24:18.484830 2019] [:error] [pid 5383] ipa: DEBUG: raw:
user_find(u'', sizelimit=0, version=u'2.230', pkey_only=True)
[Wed Jul 17 15:24:18.485157 2019] [:error] [pid 5383] ipa: DEBUG: user_find(None,
sizelimit=0, whoami=False, all=False, raw=False, version=u'2.230',
no_members=True, pkey_only=True)
[Wed Jul 17 15:24:18.493684 2019] [:error] [pid 5383] ipa: INFO: [jsonserver_session]
admin(a)DOMAIN.NZ: user_find(u'', sizelimit=0, version=u'2.230',
pkey_only=True): SUCCESS
[Wed Jul 17 15:24:18.494662 2019] [:error] [pid 5383] ipa: DEBUG: Destroyed connection
context.ldap2_139831284142928
The server was built 3 weeks ago to the day and has 11 users. I was thinking that 3 weeks
is a rather convenient duration and could be something token related with a 21 day expiry,
though this may also be a coincidence. However, the server admin assures me that nothing
was changed between today and yesterday, so I thought it was worth mentioning.
Any help would be greatly appreciated. Thank you.