To follow up on this - My problem was caused by the account getting locked because of password failures. I guess when an account gets locked for this reason it only gets locked on that one IPA server....? Either way, problem solved.
On Mon, Mar 24, 2025 at 2:40 PM Russell Jones <[email protected]> wrote: > Hi all, > > Trying to figure out what is going on and how to correct this issue. > > We have a 4 node cluster of FreeIPA servers, and node 3 can no longer > authenticate one single user (so far... that's the only one I have found) > at random intervals. "Password incorrect". If I take that user's password > and try to login to the web UI on that problem FreeIPA server, it indeed > does not authenticate. > > If I take the same creds to the other 3, it authenticates fine. > > I have tried a force sync, as well as rebooting the node and it fixes it > for an indeterminate amount of time and then that one user fails again to > authenticate to just that one replica. ipa-replica-manage list shows > everything is in sync between everybody as best I can tell. > > Any ideas? Thanks in advance! > >
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
