Russell Jones via FreeIPA-users wrote: > Hi all, > > Trying to figure out what is going on and how to correct this issue. > > We have a 4 node cluster of FreeIPA servers, and node 3 can no longer > authenticate one single user (so far... that's the only one I have > found) at random intervals. "Password incorrect". If I take that user's > password and try to login to the web UI on that problem FreeIPA server, > it indeed does not authenticate. > > If I take the same creds to the other 3, it authenticates fine. > > I have tried a force sync, as well as rebooting the node and it fixes it > for an indeterminate amount of time and then that one user fails again > to authenticate to just that one replica. ipa-replica-manage list shows > everything is in sync between everybody as best I can tell. > > Any ideas? Thanks in advance!
If you look into the kerberos, ldap and Apache logs you may be able to identify the underlying reason for the authentication failure. I'd start with kerberos and then check to see what error was thrown in the Apache error log. rob -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
