Hi folks,
We've got an unusual issue that has started to occur recently when trying to view the Users tab in FreeIPA. Trying to load the page (and display all users) results in a popup with title "HTTP Error 404" and the text "Cannot connect to the server, please check API accesibility (certificate, API, proxy, etc.)". This error appears after "Working" has been displaying for 60 seconds, so it appears to be a timeout despite the 404 indication.
If we _search_ for a user, any users matching the search term are returned correctly in the UI. Only when no search is applied do we see the error. Hosts and groups also display correctly, though any sub page where all users are listed experiences the same issue (such as parts of Automember). We're able to list all users correctly with "ipa user-find --all".
There are no relevant browser errors (there's what appears to be an unrelated 404 error about a minified JS file). There doesn't seem to be anything useful in /var/log/messages or /var/log/ipa*, though /var/log/httpd/error_log contains the following after a failed lookup:
[Wed Jul 17 15:24:18.475814 2019] [:error] [pid 5383] ipa: DEBUG: WSGI wsgi_dispatch.__call__:
[Wed Jul 17 15:24:18.475891 2019] [:error] [pid 5383] ipa: DEBUG: WSGI jsonserver_session.__call__:
[Wed Jul 17 15:24:18.484387 2019] [:error] [pid 5383] ipa: DEBUG: Created connection context.ldap2_139831284142928
[Wed Jul 17 15:24:18.484471 2019] [:error] [pid 5383] ipa: DEBUG: WSGI jsonserver.__call__:
[Wed Jul 17 15:24:18.484520 2019] [:error] [pid 5383] ipa: DEBUG: WSGI WSGIExecutioner.__call__:
[Wed Jul 17 15:24:18.484830 2019] [:error] [pid 5383] ipa: DEBUG: raw: user_find(u'', sizelimit=0, version=u'2.230', pkey_only=True)
[Wed Jul 17 15:24:18.485157 2019] [:error] [pid 5383] ipa: DEBUG: user_find(None, sizelimit=0, whoami=False, all=False, raw=False, version=u'2.230', no_members=True, pkey_only=True)
[Wed Jul 17 15:24:18.493684 2019] [:error] [pid 5383] ipa: INFO: [jsonserver_session] admin(a)DOMAIN.NZ: user_find(u'', sizelimit=0, version=u'2.230', pkey_only=True): SUCCESS
[Wed Jul 17 15:24:18.494662 2019] [:error] [pid 5383] ipa: DEBUG: Destroyed connection context.ldap2_139831284142928
The server was built 3 weeks ago to the day and has 11 users. I was thinking that 3 weeks is a rather convenient duration and could be something token related with a 21 day expiry, though this may also be a coincidence. However, the server admin assures me that nothing was changed between today and yesterday, so I thought it was worth mentioning.
Any help would be greatly appreciated. Thank you.