Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-23573

IdM on RHEL Upgrade Issue

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • rhel-8.8.0.z
    • ipa
    • None
    • None
    • Moderate
    • rhel-sst-idm-ipa
    • ssg_idm
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • Customer Identity & Access Management
    • None
    • None
    • None
    • s390x
    • None

      What were you trying to do that didn't work?

      The base RHEL OS of three machines running RedHat Identity Management (IdM) was upgraded from version 8.6 to version 8.8. Following the upgrade, logging into the IdM web console only results in immediately returning to the login screen with a message that says "Your session has expired. Please log in again." Clearing cookies, other browsers and private windows were all tried, none of which resolved the issue.

      Additionally, all "ipa" CLI commands run on the IdM machines return:

      "ipa: ERROR: cannot connect to 'any of the configured servers': https://idmMachine0.company.com/ipa/json, https://idmMachine2.company.com/ipa/json, https://idmMachine3.company.com/ipa/json"

       

      The machines are all online and pingable, however. Running "ipa -v ping" returns the following:

      "ipa -v ping
      ipa: INFO: Connection to https://idmMachine0.company.com/ipa/json failed with Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credential cache is empty)
      ipa: INFO: Connection to https://idmMachine2.company.com/ipa/json failed with Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credential cache is empty)
      ipa: INFO: Connection to https://idmMachine3.company.com/ipa/json failed with Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credential cache is empty)
      ipa: ERROR: cannot connect to 'any of the configured servers': https://idmMachine0.company.com/ipa/json, https://idmMachine2.company.com/ipa/json, https://idmMachine3.company.com/ipa/json"

       

      Finally, it is worth noting that some services provided by IdM, including LDAP, are still functioning normally. Also, if this is the wrong location for this bug, directing me to the right location would be greatly appreciated!

      Please provide the package NVR for which bug is seen:

      RHEL 8.8 running on s390x with ipa-server-common-4.9.11-9.module+el8.8.0+20825+52dd1628.noarch

      How reproducible:

      Really not sure. All three machines in this cluster are facing the same issue.

      Steps to reproduce

      1. IdM installed on 3 RHEL 8.6 machines
      2. Upgrade each system to RHEL 8.8
      3. Attempt "ipa ping" from the command line

      Expected results

      ipa ping returns correctly.

      Actual results

      An error stating:

      "ipa: ERROR: cannot connect to 'any of the configured servers': https://idmMachine0.company.com/ipa/json, https://idmMachine2.company.com/ipa/json, https://idmMachine3.company.com/ipa/json"

              frenaud@redhat.com Florence Renaud
              jbeha747 Joshua Beha (Inactive)
              Florence Renaud Florence Renaud
              IPA QE Bot IPA QE Bot
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: