Issue #3328: Missing krbticketpolicyaux objectclass makes kadmin.local fail in v2.2 - freeipa

freeipa

#3328 Missing krbticketpolicyaux objectclass makes kadmin.local fail in v2.2

Closed: Fixed None Opened 11 years ago by sbose.

If a new host object is created with 'ipa host-add' the new object does not have the objectclass KrbTicketPolicyAux. This causes issues if e.g. other flags should be added with kadmin.local

kadmin.local:  modprinc +ok_as_delegate host/testhost.idm.com@IDM.COM
modify_principal: Kerberos database internal error while modifying "host/testhost.idm.com@IDM.COM".

It looks like this is already fixed in FreeIPA v3.

sbose commented 11 years ago

Additional info: the directory server logs say:

[07/Jan/2013:10:49:41 -0500] - Entry "fqdn=testhost.idm.com,cn=computers,cn=accounts,dc=idm,dc=com" -- attribute "krbTicketFlags" not allowed

dpal commented 11 years ago

This is already fixed in v3. Closing. The instructions can be found on the mailing list: https://www.redhat.com/archives/freeipa-users/2013-January/msg00043.html

sbose commented 11 years ago

Workaround from the mailing list:

ipa host-mod --addattr='objectclass=krbTicketPolicyAux' testhost.idm.com

Metadata Update from @sbose:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 2.2 Stabilization

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 2.2 Stabilization

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#3328 Missing krbticketpolicyaux objectclass makes kadmin.local fail in v2.2 Closed: Fixed None Opened 11 years ago by sbose.

Metadata

#3328 Missing krbticketpolicyaux objectclass makes kadmin.local fail in v2.2

Closed: Fixed None Opened 11 years ago by sbose.