Hi Team,
During the FreeIPA installation on Linux, particularly on Linux and Ubuntu, I've
faced numerous hurdles and made significant observations. Despite configuring the URL for
FreeIPA LDAP setup, we've encountered difficulties accessing it. Even after multiple
attempts to reset the admin and user accounts, we continue to encounter authentication
failures when trying to access the portal. Notably, both Apache and Kerberos services are
operational. We've observed Kerberos Authentication Issues repeatedly. Please find the
attached document for more details.
URLs:
https://ipa-1.devices.devops.tcpwave.com/ipa/ui/
https://ipa-2.devices.devops.tcpwave.com/ipa/ui/
Additionally, we've encountered challenges related to installation and package
availability, particularly on Ubuntu machines. The occurrence of errors related to GSSAPI
authentication, errors 'gss_accept_sec_context() failed' message. Furthermore,
we've faced issues with Kerberos ticket handling, including problems obtaining and
verifying tickets, which may indicate potential concerns with the Key Distribution Center
(KDC).
You didn't include an attachment.
I don't know the current status of Ubuntu as an IPA server but in the
past it has not worked well. There are a lot of moving parts in IPA and
there is basically one maintainer in Debian trying to herd all the cats.
rob