I've just finished setting up a new IPA server, planning to use
it and some replicas to replace our existing servers. I did this
by dumping all the data from the old ones using a series of ipa
commands and then used custom parsers to re-create the entries on
the new one (so as not to propagate our lack of CA into the new
When I went to set new passwords on all the migrated accounts, I get this error in the web ui: "IPA Error 4031: EmptyResult no matching entry found".
The CLI results in this:
# ipa user-mod homer --random
ipa: ERROR: Operations error: key encryption/encoding failed
Any idea what might cause this and how I should fix it?