Steps to reproduce:
# ipa-server-install -a Secret123 -p Secret123 --domain $(hostname -d) --realm $(hostname -d | tr [:lower:] [:upper:]) -U # echo Secret123 | kinit admin # ipa ping
Expected result:
----------------------------------------------------------------------- IPA server version 4.4.90.dev201702221433+git908d2ea. API version 2.218 -----------------------------------------------------------------------
Actual result:
ipa: ERROR: Major (851968): Unspecified GSS failure. Minor code may provide more information, Minor (2598845123): No credentials cache found
Additional info:
This broke also Web UI's forms based auth (I did not try kerb auth).
But update to gssproxy-0.6.2-1.fc25 fixed the issue for me: https://koji.fedoraproject.org/koji/buildinfo?buildID=861532
Yes I committed a fix to gssproxy and we released a package explicitly to fix this issue in Fedora. We should put in a patch to up the minimum gssproxy version in freeipa.spec.in
Metadata Update from @dkupka: - Issue assigned to someone - Issue set to the milestone: 0.0 NEEDS_TRIAGE
Metadata Update from @pvoborni: - Custom field affects_doc reset - Custom field tester adjusted to wanted - Issue assigned to dkupka (was: someone) - Issue close_status updated to: None
Metadata Update from @pvoborni: - Custom field affects_doc reset - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/511
Metadata Update from @pvoborni: - Custom field affects_doc reset - Issue priority set to: 1 (was: 3) - Issue set to the milestone: FreeIPA 4.5 (was: 0.0 NEEDS_TRIAGE)
master:
Metadata Update from @mbasti: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.