I'm afraid I don't know how to construct the right ipa-getkeytab command to test. Do I run ipa-getkeytab on the client or on the ipa server? For the IPA$@DOMAIN.EDU principal?
I thought about STARTTLS pointing to a certificate issue. The certs on the ipa server are not expired:
getcert list | grep expires
expires: 2022-06-18 21:28:39 UTC
expires: 2022-05-24 03:14:46 UTC
expires: 2022-05-24 03:15:16 UTC
expires: 2022-05-24 03:14:56 UTC
expires: 2038-07-11 18:11:01 UTC
expires: 2022-05-24 03:14:38 UTC
expires: 2022-08-01 03:40:17 UTC
expires: 2022-06-15 03:14:35 UTC
expires: 2022-06-15 03:14:50 UTC
Could it be an issue with an expired certificate on the AD end? Thank you!