...
You may run into this error during tests or enrollment (e.g. when running an ipa command) or when enrolling a machine into LDAP, after the migration from CentOS 7 to Rocky 8.
Example error:
```
[root@replica-first ~]# ipa --verbose
ipa: INFO: Connection to https://replica-first.coreservices.ewc/ipa/session/json failed with <ProtocolError for replica-first.coreservices.ewc/ipa/session/json: 401 Unauthorized>
ipa: INFO: Connection to https://ldap.coreservices.ewc/ipa/session/json failed with [Errno -2] Name or service not known
ipa: ERROR: cannot connect to 'any of the configured servers': https://replica-first.coreservices.ewc/ipa/session/json, https://ldap.coreservices.ewc/ipa/session/json
```
In order to fix this authentication issue:
- SSH to the LDAP machine
- Become root
- Run the following:

  ```
  python3 /usr/libexec/ipa/oddjob/org.freeipa.server.config-enable-sid --add-sids
  ```
- Finally, kinit as the admin user and run ipa commands to verify that it works
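
An added example (not part of the original page): a small shell helper that separates the per-server failures in `ipa --verbose` output, so the 401 that the steps above address is not confused with the name-resolution failure reported for the second server. The function names are made up for this example, and the sample input is the error output shown on this page.

```bash
#!/bin/sh
# Added example: classify per-server failures in `ipa --verbose` output.
# Reads ipa output on stdin and prints "<host> <class>" for every
# "Connection to <url> failed with <reason>" line.
classify_ipa_failures() {
    while IFS= read -r line; do
        case "$line" in
            *"Connection to "*" failed with "*) ;;
            *) continue ;;   # summary line and unrelated output are skipped
        esac
        url=${line#*Connection to }
        url=${url%% failed with *}
        host=${url#*://}
        host=${host%%/*}
        reason=${line#* failed with }
        case "$reason" in
            *"401 Unauthorized"*)          echo "$host auth-rejected" ;;
            *"Name or service not known"*) echo "$host dns-failure" ;;
            *)                             echo "$host other" ;;
        esac
    done
}

# Sample input: the error lines quoted on this page.
sample_output() {
    cat <<'EOF'
ipa: INFO: Connection to https://replica-first.coreservices.ewc/ipa/session/json failed with <ProtocolError for replica-first.coreservices.ewc/ipa/session/json: 401 Unauthorized>
ipa: INFO: Connection to https://ldap.coreservices.ewc/ipa/session/json failed with [Errno -2] Name or service not known
ipa: ERROR: cannot connect to 'any of the configured servers': https://replica-first.coreservices.ewc/ipa/session/json, https://ldap.coreservices.ewc/ipa/session/json
EOF
}

# Exit status 0 when at least one server answered with 401, which is the
# authentication failure this page's procedure is meant to fix.
needs_auth_fix() {
    classify_ipa_failures | grep -q ' auth-rejected$'
}

sample_output | classify_ipa_failures
```

On a live host, pipe the real output in with `ipa --verbose 2>&1 | classify_ipa_failures`; a `dns-failure` entry has to be resolved separately from the authentication fix.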
...