[root@ipaclien01 ~]# echo Secret123 | kinit admin Password for admin@TESTRELM.TEST: [root@ipaclien01 ~]# ipa user-find -------------- 1 user matched -------------- User login: admin Last name: Administrator Home directory: /home/admin Login shell: /bin/bash Principal alias: admin@TESTRELM.TEST UID: 1340800000 GID: 1340800000 Account disabled: False ---------------------------- Number of entries returned 1 ---------------------------- [root@ipaclien01 ~]# vim /etc/ipa/default.conf [root@ipaclien01 ~]# ipactl restart IPA is not configured (see man pages of ipa-server-install for help) [root@ipaclien01 ~]# ipa user-find -------------- 1 user matched -------------- User login: admin Last name: Administrator Home directory: /home/admin Login shell: /bin/bash Principal alias: admin@TESTRELM.TEST UID: 1340800000 GID: 1340800000 Account disabled: False ---------------------------- Number of entries returned 1 ---------------------------- [root@ipaclien01 ~]# ipa -v user-find ipa: INFO: trying https://ipareplica01.testrelm.test/ipa/session/json ipa: INFO: [try 1]: Forwarding 'user_find/1' to json server 'https://ipareplica01.testrelm.test/ipa/session/json' -------------- 1 user matched -------------- User login: admin Last name: Administrator Home directory: /home/admin Login shell: /bin/bash Principal alias: admin@TESTRELM.TEST UID: 1340800000 GID: 1340800000 Account disabled: False ---------------------------- Number of entries returned 1 ---------------------------- [root@ipaclien01 ~]# ipa -vvvv user-find ipa: INFO: trying https://ipareplica01.testrelm.test/ipa/session/json ipa: INFO: Request: { "id": 0, "method": "ping", "params": [ [], {} ] } send: u'POST /ipa/session/json HTTP/1.1\r\nHost: ipareplica01.testrelm.test\r\nAccept-Encoding: gzip\r\nAccept-Language: en-us\r\nReferer: https://ipareplica01.testrelm.test/ipa/xml\r\nCookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;\r\nUser-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: application/json\r\nContent-Length: 86\r\n\r\n{\n "id": 0, \n "method": "ping", \n "params": [\n [], \n {}\n ]\n}' reply: 'HTTP/1.1 200 Success\r\n' header: Date: Fri, 09 Jun 2017 04:22:16 GMT header: Server: Apache/2.4.6 (Red Hat Enterprise Linux) mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 header: Set-Cookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;path=/ipa;httponly;secure; header: X-Frame-Options: DENY header: Content-Security-Policy: frame-ancestors 'none' header: Vary: Accept-Encoding header: Content-Encoding: gzip header: Cache-Control: no-cache header: Content-Length: 261 header: Content-Type: application/json; charset=utf-8 body: '{"result": {"messages": [{"type": "warning", "message": "API Version number was not sent, forward compatibility not guaranteed. Assuming server\'s API version, 2.227", "code": 13001, "data": {"server_version": "2.227"}, "name": "VersionMissing"}], "summary": "IPA server version 4.5.0. API version 2.227"}, "version": "4.5.0", "error": null, "id": 0, "principal": "admin@TESTRELM.TEST"}' ipa: INFO: Response: { "error": null, "id": 0, "principal": "admin@TESTRELM.TEST", "result": { "messages": [ { "code": 13001, "data": { "server_version": "2.227" }, "message": "API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.227", "name": "VersionMissing", "type": "warning" } ], "summary": "IPA server version 4.5.0. API version 2.227" }, "version": "4.5.0" } ipa: INFO: [try 1]: Forwarding 'user_find/1' to json server 'https://ipareplica01.testrelm.test/ipa/session/json' ipa: INFO: Request: { "id": 0, "method": "user_find/1", "params": [ [], { "version": "2.227" } ] } send: u'POST /ipa/session/json HTTP/1.1\r\nHost: ipareplica01.testrelm.test\r\nAccept-Encoding: gzip\r\nAccept-Language: en-us\r\nReferer: https://ipareplica01.testrelm.test/ipa/xml\r\nCookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;\r\nUser-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: application/json\r\nContent-Length: 133\r\n\r\n{\n "id": 0, \n "method": "user_find/1", \n "params": [\n [], \n {\n "version": "2.227"\n }\n ]\n}' reply: 'HTTP/1.1 200 Success\r\n' header: Date: Fri, 09 Jun 2017 04:22:16 GMT header: Server: Apache/2.4.6 (Red Hat Enterprise Linux) mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 header: Set-Cookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;path=/ipa;httponly;secure; header: X-Frame-Options: DENY header: Content-Security-Policy: frame-ancestors 'none' header: Vary: Accept-Encoding header: Content-Encoding: gzip header: Cache-Control: no-cache header: Content-Length: 274 header: Content-Type: application/json; charset=utf-8 body: '{"result": {"count": 1, "truncated": false, "result": [{"dn": "uid=admin,cn=users,cn=accounts,dc=testrelm,dc=test", "uid": ["admin"], "loginshell": ["/bin/bash"], "uidnumber": ["1340800000"], "gidnumber": ["1340800000"], "sn": ["Administrator"], "homedirectory": ["/home/admin"], "krbprincipalname": ["admin@TESTRELM.TEST"], "nsaccountlock": false}], "summary": "1 user matched"}, "version": "4.5.0", "error": null, "id": 0, "principal": "admin@TESTRELM.TEST"}' ipa: INFO: Response: { "error": null, "id": 0, "principal": "admin@TESTRELM.TEST", "result": { "count": 1, "result": [ { "dn": "uid=admin,cn=users,cn=accounts,dc=testrelm,dc=test", "gidnumber": [ "1340800000" ], "homedirectory": [ "/home/admin" ], "krbprincipalname": [ "admin@TESTRELM.TEST" ], "loginshell": [ "/bin/bash" ], "nsaccountlock": false, "sn": [ "Administrator" ], "uid": [ "admin" ], "uidnumber": [ "1340800000" ] } ], "summary": "1 user matched", "truncated": false }, "version": "4.5.0" } -------------- 1 user matched -------------- User login: admin Last name: Administrator Home directory: /home/admin Login shell: /bin/bash Principal alias: admin@TESTRELM.TEST UID: 1340800000 GID: 1340800000 Account disabled: False ---------------------------- Number of entries returned 1 ---------------------------- [root@ipaclien01 ~]# vim /etc/ipa/default.conf [root@ipaclien01 ~]# ipa -vvvv user-find ipa: INFO: trying https://ipaserver01.testrelm.test/ipa/session/json ipa: INFO: Request: { "id": 0, "method": "ping", "params": [ [], {} ] } send: u'POST /ipa/session/json HTTP/1.1\r\nHost: ipaserver01.testrelm.test\r\nAccept-Encoding: gzip\r\nAccept-Language: en-us\r\nReferer: https://ipaserver01.testrelm.test/ipa/xml\r\nCookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;\r\nUser-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: application/json\r\nContent-Length: 86\r\n\r\n{\n "id": 0, \n "method": "ping", \n "params": [\n [], \n {}\n ]\n}' reply: 'HTTP/1.1 401 Unauthorized\r\n' header: Date: Fri, 09 Jun 2017 04:23:04 GMT header: Server: Apache/2.4.6 (Red Hat Enterprise Linux) mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 header: WWW-Authenticate: Negotiate header: Set-Cookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;path=/ipa;httponly;secure; header: X-Frame-Options: DENY header: Content-Security-Policy: frame-ancestors 'none' header: Last-Modified: Wed, 07 Jun 2017 17:57:16 GMT header: Accept-Ranges: bytes header: Content-Length: 1474 header: Cache-Control: no-cache header: Content-Type: text/html; charset=UTF-8 send: u'POST /ipa/session/json HTTP/1.1\r\nHost: ipaserver01.testrelm.test\r\nAccept-Encoding: gzip\r\nAccept-Language: en-us\r\nReferer: https://ipaserver01.testrelm.test/ipa/xml\r\nAuthorization: negotiate YIICZQYJKoZIhvcSAQICAQBuggJUMIICUKADAgEFoQMCAQ6iBwMFACAAAACjggFmYYIBYjCCAV6gAwIBBaEPGw1URVNUUkVMTS5URVNUoiwwKqADAgEDoSMwIRsESFRUUBsZcWUtYmxhZGUtMDgudGVzdHJlbG0udGVzdKOCARYwggESoAMCARKhAwIBAaKCAQQEggEAxPKx6Fy9TrAwh4QefFffJAJykz14JEuJND+7jMQ0YlTK9zhMWBVU5P9eyHRBQKMo93PdbP+Vl4prf6OZaPHFf6DNMqMxe6gE9pH3i5dEtBlbkE/vvrSuzdgiZ2Q/4KE162HMSHQYUHh0WuTIOPfBJuAb28VxKIaHwNQndmYWiZ/1/MsOdM0OAbLIiK1FogqXREEyWG9p8BceK96oDzKeRPxJZQrrgqVDYKb0hA+bGkaoM55JkogbqzBuL2i8zwLZpbNYhxlWT8O3W6Uu6P+riOneY82tXrC/ygaVO6PR1nBHhcR3ZW6NljoGkLf2pan2CV75ObunJ/sINrc5D+XEm6SB0DCBzaADAgESooHFBIHCUICT351KdOrDS0KQTKMtIKDnl1TNtnE0bwCj2RCoHLGRJErDr/OLH8EkpTJSHU1Vii+COcEYxELZjsxQFaDAYJG+Fg/Q0G2uaQiPIDW2DqYVY4kdnfXDYNICzCVdWGBAlB7L8k5tHITB2aSHqJrimXTFQFrb8HwV37PIUtdPEc/t62VFl3jc1OWmzu+YJsqlra6hLjl4kc+OSWxkdKitMnK5nmEA6GZFih1RWvReaL5XkGJvyK+6Pi4/vo2YFXbcBtQ=\r\nUser-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: application/json\r\nContent-Length: 86\r\n\r\n{\n "id": 0, \n "method": "ping", \n "params": [\n [], \n {}\n ]\n}' reply: 'HTTP/1.1 200 Success\r\n' header: Date: Fri, 09 Jun 2017 04:23:04 GMT header: Server: Apache/2.4.6 (Red Hat Enterprise Linux) mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 header: WWW-Authenticate: Negotiate YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKicQRvfaHK88TJsbWzQ5nuSXkBQA/iAh8oXRLz5ecWaeixLnmC6jp743aFAx1Jh0dvWobOAQ45N9DsykIyWq+BXPSPoqsuojazyUB0T5Clhfzrysf0V1M29hShTSwxgFhZi8RSme0qmj946uF94W858fYz header: Set-Cookie: ipa_session=MagBearerToken=cKyJhP09uHpA3%2fkrmLa5vUPK6ipdA0ymPdPC8qBi48f9QuTdVBfYB4NSRHPJ5utHmDFq1gPkRcdRSwb1duZVux1%2bXHE7PSK0C53RH6sMGIGZ1yUHGoHcLUGfgYUMocyOQdH1I4Ebo1WHhHxmf2%2bkSiJBVNXk7v%2bd5BMR48SFdJgM%2b4jiH2uLoUEcjk08J1ec;path=/ipa;httponly;secure; header: X-Frame-Options: DENY header: Content-Security-Policy: frame-ancestors 'none' header: Vary: Accept-Encoding header: Content-Encoding: gzip header: Cache-Control: no-cache header: Content-Length: 261 header: Content-Type: application/json; charset=utf-8 body: '{"result": {"messages": [{"type": "warning", "message": "API Version number was not sent, forward compatibility not guaranteed. Assuming server\'s API version, 2.227", "code": 13001, "data": {"server_version": "2.227"}, "name": "VersionMissing"}], "summary": "IPA server version 4.5.0. API version 2.227"}, "version": "4.5.0", "error": null, "id": 0, "principal": "admin@TESTRELM.TEST"}' ipa: INFO: Response: { "error": null, "id": 0, "principal": "admin@TESTRELM.TEST", "result": { "messages": [ { "code": 13001, "data": { "server_version": "2.227" }, "message": "API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.227", "name": "VersionMissing", "type": "warning" } ], "summary": "IPA server version 4.5.0. API version 2.227" }, "version": "4.5.0" } ipa: INFO: [try 1]: Forwarding 'user_find/1' to json server 'https://ipaserver01.testrelm.test/ipa/session/json' ipa: INFO: Request: { "id": 0, "method": "user_find/1", "params": [ [], { "version": "2.227" } ] } send: u'POST /ipa/session/json HTTP/1.1\r\nHost: ipaserver01.testrelm.test\r\nAccept-Encoding: gzip\r\nAccept-Language: en-us\r\nReferer: https://ipaserver01.testrelm.test/ipa/xml\r\nCookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;\r\nUser-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: application/json\r\nContent-Length: 133\r\n\r\n{\n "id": 0, \n "method": "user_find/1", \n "params": [\n [], \n {\n "version": "2.227"\n }\n ]\n}' reply: 'HTTP/1.1 401 Unauthorized\r\n' header: Date: Fri, 09 Jun 2017 04:23:04 GMT header: Server: Apache/2.4.6 (Red Hat Enterprise Linux) mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 header: WWW-Authenticate: Negotiate header: Set-Cookie: ipa_session=MagBearerToken=8KlfQ0nzPVwCFSR0q8D3dVf3Zh4Z6Ynm3LtHD%2bR4pFrAe87KYgKAoieEQVZ%2fcy3ODAhIo2rk16dF1oqxeWQMlhnksQGBvTDHEXbcIICXgD%2f7m3AHIkFrReFMvu6Kj%2fgyNFpBVW9KaAZCpWDQzW5%2bc8SarjC28hDFWBsJSgZfXgAmyUMJT0325TpjK%2bizrWqc;path=/ipa;httponly;secure; header: X-Frame-Options: DENY header: Content-Security-Policy: frame-ancestors 'none' header: Last-Modified: Wed, 07 Jun 2017 17:57:16 GMT header: Accept-Ranges: bytes header: Content-Length: 1474 header: Cache-Control: no-cache header: Content-Type: text/html; charset=UTF-8 send: u'POST /ipa/session/json HTTP/1.1\r\nHost: ipaserver01.testrelm.test\r\nAccept-Encoding: gzip\r\nAccept-Language: en-us\r\nReferer: https://ipaserver01.testrelm.test/ipa/xml\r\nAuthorization: negotiate YIICZQYJKoZIhvcSAQICAQBuggJUMIICUKADAgEFoQMCAQ6iBwMFACAAAACjggFmYYIBYjCCAV6gAwIBBaEPGw1URVNUUkVMTS5URVNUoiwwKqADAgEDoSMwIRsESFRUUBsZcWUtYmxhZGUtMDgudGVzdHJlbG0udGVzdKOCARYwggESoAMCARKhAwIBAaKCAQQEggEAxPKx6Fy9TrAwh4QefFffJAJykz14JEuJND+7jMQ0YlTK9zhMWBVU5P9eyHRBQKMo93PdbP+Vl4prf6OZaPHFf6DNMqMxe6gE9pH3i5dEtBlbkE/vvrSuzdgiZ2Q/4KE162HMSHQYUHh0WuTIOPfBJuAb28VxKIaHwNQndmYWiZ/1/MsOdM0OAbLIiK1FogqXREEyWG9p8BceK96oDzKeRPxJZQrrgqVDYKb0hA+bGkaoM55JkogbqzBuL2i8zwLZpbNYhxlWT8O3W6Uu6P+riOneY82tXrC/ygaVO6PR1nBHhcR3ZW6NljoGkLf2pan2CV75ObunJ/sINrc5D+XEm6SB0DCBzaADAgESooHFBIHCNAIW9poSmvRRHOOojeXrItVFc51UH2RBsHJSZRP40hedOPyPMLxxDBkcVmUsqygQA7+YITymRaffjLc+G1A9HMqDu61kbU3WbnqxCwPpRijFe5fEgJK7GNFR0Ql/c+jC9m9rswrWQ4qvAlKCyncehsSVxy8QBIJOOjS0X5A+fhRUO9dgmfJwZQoc/2ae8KNlcKxmIic36L1lrNgyOUdZXdmbMHMqhDI6vJitbxldSipUpuaRPGtD/FyV4s9fCSb/jPc=\r\nUser-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: application/json\r\nContent-Length: 133\r\n\r\n{\n "id": 0, \n "method": "user_find/1", \n "params": [\n [], \n {\n "version": "2.227"\n }\n ]\n}' reply: 'HTTP/1.1 200 Success\r\n' header: Date: Fri, 09 Jun 2017 04:23:04 GMT header: Server: Apache/2.4.6 (Red Hat Enterprise Linux) mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5 header: WWW-Authenticate: Negotiate YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKicQRvHA5hYU4I6oj+gbUPn7DPr9LcFzxlxir2BLn8C9++Qs/4yflpm6N6sMF61nVXA/bmnJVK6GBGLjphSf44bsrh47KRQ6vwGKmlCbFxHUfNLt00OlbQN9K2WNHlRD60l/ojPm4VxXnjM6FQkaWhCyn0 header: Set-Cookie: ipa_session=MagBearerToken=z2RkeQYyla3OBfQF3ny8s%2fOPQ43sjvBhbZMPo7Mdn6uRil7HWROV%2bSeOt3XyHnCZEZPfMsnoplCZRgP86eXN77iN6h4pkYekYrxlruvUA2tRmI90r7IfCPkPFghH3z5Ybd3%2b0IZD32tR4%2fuu9f4lzwuQ1%2fhymKySzeCAqsb3d%2fSXcQ35WmgBUceBMHiZwkWk;path=/ipa;httponly;secure; header: X-Frame-Options: DENY header: Content-Security-Policy: frame-ancestors 'none' header: Vary: Accept-Encoding header: Content-Encoding: gzip header: Cache-Control: no-cache header: Content-Length: 274 header: Content-Type: application/json; charset=utf-8 body: '{"result": {"count": 1, "truncated": false, "result": [{"dn": "uid=admin,cn=users,cn=accounts,dc=testrelm,dc=test", "uid": ["admin"], "loginshell": ["/bin/bash"], "uidnumber": ["1340800000"], "gidnumber": ["1340800000"], "sn": ["Administrator"], "homedirectory": ["/home/admin"], "krbprincipalname": ["admin@TESTRELM.TEST"], "nsaccountlock": false}], "summary": "1 user matched"}, "version": "4.5.0", "error": null, "id": 0, "principal": "admin@TESTRELM.TEST"}' ipa: INFO: Response: { "error": null, "id": 0, "principal": "admin@TESTRELM.TEST", "result": { "count": 1, "result": [ { "dn": "uid=admin,cn=users,cn=accounts,dc=testrelm,dc=test", "gidnumber": [ "1340800000" ], "homedirectory": [ "/home/admin" ], "krbprincipalname": [ "admin@TESTRELM.TEST" ], "loginshell": [ "/bin/bash" ], "nsaccountlock": false, "sn": [ "Administrator" ], "uid": [ "admin" ], "uidnumber": [ "1340800000" ] } ], "summary": "1 user matched", "truncated": false }, "version": "4.5.0" } -------------- 1 user matched -------------- User login: admin Last name: Administrator Home directory: /home/admin Login shell: /bin/bash Principal alias: admin@TESTRELM.TEST UID: 1340800000 GID: 1340800000 Account disabled: False ---------------------------- Number of entries returned 1 ----------------------------