The keytab is also valid, i just checked: [root@replica1 ~]# kvno -k /etc/dirsrv/ds.keytab ldap/[email protected] ldap/[email protected]: kvno = 2, keytab entry valid
However the dirsrv user does not seem to have credentials cache, but that the case on others replicas too (on the ones, that do not have any issues): [root@replica1 ~]# sudo -u dirsrv kvno -k /etc/dirsrv/ds.keytab ldap/[email protected] kvno: Credentials cache 'KCM:389' not found while getting client principal name But I suppose, that the directory process just looks up the keys in LDAP anyway. However, if that is the case, why does it have issues retrieving it? -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
