VERSION: 4.2.90.201508241517GITb202afb, API_VERSION: 2.152
[root@freeipabox ~]# ipa user-add --first=Foo --last=Bar --homedir=/home/foobar --password foobar Password: Enter Password again to verify: ------------------- Added user "foobar" ------------------- User login: foobar First name: Foo Last name: Bar Full name: Foo Bar Display name: Foo Bar Initials: FB Home directory: /home/foobar GECOS: Foo Bar Login shell: /bin/sh Kerberos principal: foobar@ABC.EXAMPLE.COM Email address: foobar@abc.example.com UID: 1025000046 GID: 1025000046 Password: True Member of groups: ipausers Kerberos keys available: True -sh-4.3$ whoami foobar -sh-4.3$ ipa vault-find ---------------- 0 vaults matched ---------------- ---------------------------- Number of entries returned 0 ---------------------------- [root@freeipabox ~]# ipa user-del foobar --------------------- Deleted user "foobar" --------------------- [root@freeipabox ~]# ipa user-show foobar ipa: ERROR: foobar: user not found [root@freeipabox ~]# id foobar uid=1025000046(foobar) gid=1025000046(foobar) groups=1025000046(foobar) -sh-4.3$ ipa vault-find ipa: ERROR: Insufficient access: SASL(-14): authorization failure: Invalid credentials -sh-4.3$ cd -sh-4.3$ pwd /home/foobar -sh-4.3$ ls -sh-4.3$ ipa user-find ipa: ERROR: Can't connect to server: Already connected [root@freeipabox ~]# ipa user-find ipa: ERROR: cannot connect to 'https://freeipabox.abc.example.com/ipa/session/json': Internal Server Error -sh-4.3$ exit logout Connection to 192.168.1.1 closed. [root@freeipabox ~]# ipa user-find ipa: ERROR: cannot connect to 'https://freeipabox.abc.example.com/ipa/session/json': Internal Server Error [root@freeipabox ~]# ipa vault-find ipa: ERROR: cannot connect to 'https://freeipabox.abc.example.com/ipa/session/json': Internal Server Error # after some time [root@freeipabox ~]# ipa vault-find ipa: ERROR: Can't connect to server: Already connected [root@freeipabox ~]# ipa user-find ipa: ERROR: Can't connect to server: Already connected [root@freeipabox ~]# ipa config-show ipa: ERROR: Can't connect to server: Already connected # make it working again [root@freeipabox ~]# systemctl restart ipa [root@freeipabox ~]# ipa config-show Maximum username length: 32 Home directory base: /home Default shell: /bin/sh Default users group: ipausers - SNIP - [root@freeipabox ~]# ipa vault-find ---------------- 0 vaults matched ---------------- ---------------------------- Number of entries returned 0 ----------------------------
[root@freeipabox slapd-ABC-EXAMPLE-COM]# ausearch -m avc -ts recent <no matches> [root@freeipabox slapd-ABC-EXAMPLE-COM]# pwd; cat errors /var/log/dirsrv/slapd-ABC-EXAMPLE-COM 389-Directory/1.3.4.3 B2015.209.428 freeipabox.abc.example.com:636 (/etc/dirsrv/slapd-ABC-EXAMPLE-COM) [01/Sep/2015:11:37:16 +0200] get_dom_sid - [file ipa_sidgen_common.c, line 75]: Internal search failed. [01/Sep/2015:11:39:11 +0200] get_dom_sid - [file ipa_sidgen_common.c, line 75]: Internal search failed.
Also, you won't be able to login via webui (Internal Error) until you restart the server.
Taking over the ticket, as agreed with tbabej.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1259848
Fixed. master:
ipa-4-2:
Metadata Update from @alich: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.2.1
Login to comment on this ticket.