All IPA services work else than IPA UI login. For Admin account it throws the error "Your session has expired. Please re-login."
# cat /var/log/httpd/error_log | grep error [Mon Nov 04 03:30:57.855012 2019] [:error] [pid 26165] ipa: INFO: Starting new HTTP connection (1): ipaserver.home.mydomain.com [Mon Nov 04 03:30:57.858643 2019] [:error] [pid 26165] ipa: INFO: Starting new HTTPS connection (1): ipaserver.home.mydomain.com [Mon Nov 04 04:14:57.945806 2019] [:error] [pid 31576] ipa: INFO: *** PROCESS START *** [Mon Nov 04 04:14:57.973073 2019] [:error] [pid 31579] ipa: INFO: *** PROCESS START *** [Mon Nov 04 04:14:57.977523 2019] [:error] [pid 31578] ipa: INFO: *** PROCESS START *** [Mon Nov 04 04:14:57.993765 2019] [:error] [pid 31577] ipa: INFO: *** PROCESS START *** [Mon Nov 04 04:15:26.343676 2019] [:error] [pid 31578] ipa: INFO: Starting new HTTP connection (1): ipaserver.home.mydomain.com [Mon Nov 04 04:15:26.347563 2019] [:error] [pid 31578] ipa: INFO: Starting new HTTPS connection (1): ipaserver.home.mydomain.com # kinit admin Password for ad...@mydomain.com: # klist Ticket cache: KEYRING:persistent:0:0 Default principal: ad...@mydomain.com Valid starting Expires Service principal 11/04/2019 04:39:36 11/05/2019 04:39:23 krbtgt/mydomain....@mydomain.com # ipa -v ping ipa: INFO: trying https://ipaserver.home.mydomain.com/ipa/json ipa: INFO: [try 1]: Forwarding 'schema' to json server 'https://ipaserver.home.mydomain.com/ipa/json' ipa: INFO: trying https://ipaserver.home.mydomain.com/ipa/session/json ipa: INFO: [try 1]: Forwarding 'ping/1' to json server 'https://ipaserver.home.mydomain.com/ipa/session/json' ------------------------------------------- IPA server version 4.6.5. API version 2.231 ------------------------------------------- # kinit -kt /var/lib/ipa/gssproxy/http.keytab h...@mydomain.com kinit: Keytab contains no suitable keys for h...@mydomain.com while getting initial credentials # kinit -kt /var/lib/ipa/gssproxy/http.keytab HTTP/ipaserver.home.mydomain.com # klist Ticket cache: KEYRING:persistent:0:krb_ccache_jTRWw54 Default principal: HTTP/ipaserver.home.mydomain....@mydomain.com Valid starting Expires Service principal 11/04/2019 04:42:26 11/05/2019 04:42:26 krbtgt/mydomain....@mydomain.com Can someone please help me with what might me the issue? Any suggestions? PS: I have already restarted restart krb5kdc,sssd & httpd services. Thanks in advance, Saurabh Garg _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
