Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1204054
Description of problem: /var/lib/sss/db is not cleared between subsequent installs and uninstalls of the ipa-server with the same domain name. Since the server is also a client, this creates problems with SSSD's authentication on the server. The database entries from the first installation are still referred to even after the server itself has been uninstalled, and a new one (same config as the previous one) has been installed. Version-Release number of selected component (if applicable): ipa 4.1.0 sssd 1.12.2 How reproducible: Easily Steps to Reproduce: 1. ipa-server-install 2. service sshd restart 3. kinit admin <- This always works 4. ssh admin@localhost <- This works for the first time, fails second time onwards ssh admin@ipa_server from external system <- This also works the first time, fails second time onwards 5. ipa-server-install --uninstall 6. goto 1 Actual results: Permission denied Expected results: Successful login Additional info: Although this happens on the server, this is a client issue as experienced by the client implicitly installed on the server. It should also be verified that actual clients don't face this problem when the ipa server is re-installed or migrated to a different system, and the client needs to re-register.
This ticket is not critical for 4.2 GA and can be done in follow-up stabilization release - postponing.
Is this duplicate to #5049?
I believe so
That's great, as #5049 was fixed:
master:[[BR]] 3772993 Clear SSSD caches when uninstalling the client
ipa-4-1:[[BR]] 222427c Clear SSSD caches when uninstalling the client
Metadata Update from @pvoborni: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.2
Login to comment on this ticket.