I had (an invalid) Kerberos ticket from previously installed IPA and tried to run ipa-managed-entries with DM password. This is what I got:
ipa-managed-entries
# ipa-managed-entries -p secret123 -l Traceback (most recent call last): File "/usr/sbin/ipa-managed-entries", line 238, in <module> sys.exit(main()) File "/usr/sbin/ipa-managed-entries", line 109, in main conn.do_sasl_gssapi_bind() File "/usr/lib/python2.6/site-packages/ipaserver/ipaldap.py", line 355, in do_sasl_gssapi_bind self.sasl_interactive_bind_s('', SASL_AUTH) File "/usr/lib/python2.6/site-packages/ipaserver/ipaldap.py", line 204, in inner return f(*args, **kargs) File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 227, in sasl_interactive_bind_s return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,EncodeControlTuples(serverctrls),EncodeControlTuples(clientctrls),sasl_flags) File "/usr/lib/python2.6/site-packages/ipaserver/ipaldap.py", line 204, in inner return f(*args, **kargs) File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call result = func(*args,**kwargs) ldap.INVALID_CREDENTIALS: {'info': 'SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Permission denied)', 'desc': 'Invalid credentials'}
Patch ''freeipa-mkosek-155-fix-ipa-managed-entries-bind-procedure.patch'' sent for review freeipa-mkosek-155-fix-ipa-managed-entries-bind-procedure.patch
master: 70cb8bf[[BR]] ipa-2-1: d301007
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 3.0 Core Effort - 2011/11
Login to comment on this ticket.