Nick Polites via FreeIPA-users wrote: > Apologies for jumping the gun here, I tried to run a full backup and now I am > seeing the following error: > > > Sep 28 09:12:38 hlipa03 sssd[ldap_child[12778]]: Failed to initialize > credentials using keytab [MEMORY:/etc/krb5.keytab]: Preauthentication failed. > Unable to create GSSAPI-encrypted LDAP connection. > > Now seeing some posts I see the following > > Keytab name: FILE:/etc/krb5.keytab > KVNO Principal > ---- > -------------------------------------------------------------------------- > 2 host/[email protected] > 2 host/[email protected] > 2 host/[email protected] > 2 host/[email protected] > 2 host/[email protected] > 2 host/[email protected] > > kvno host/[email protected] > host/[email protected]: kvno = 1 > > So I have a sync issue (probably from the backup/restore) > When I try to sync though I get an error > > ipa-getkeytab -s hlipa03.acme.com -p host/[email protected] -k > /etc/krb5.keytab > SASL Bind failed Invalid credentials (49) ! > Failed to bind to server! > Retrying with pre-4.0 keytab retrieval method... > SASL Bind failed Invalid credentials (49) ! > Failed to bind to server! > Failed to get keytab
I think we need more context on what you've done. What is hlipa03? Is it the restored IPA server or something else? Did you have any other IPA servers? When doing a full restore you must reinitialize any replicas from the restored server. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
