But this help me:
systemctl stop sssd
rm -rf /var/lib/sss/db/*
systemctl restart sssd
*—*
*Petar Kozić*
Hi,
On Fri, Jan 31, 2020 at 2:48 PM Petar Kozić via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
Hi,
I have one IPA server dirsrv001 and newone dirsrv002
dirsrv001 is old server from where I want to unroll my VPS’s and join to
new
server. I do some testing with Ubuntu VPS’s and that works perfect.
I have problem with one Centos 7 server.
I join client to dirsrv002 without problems but when I want to login I
login over
ssh but I can’t do sudo. Ask me for pass and than three times
and that is.
Sudo permission on IPA server is configured as well because works on
other.
If I run on that Centos client command:
kinit my_username
and when I enter pass everything is ok.
If I check syslog, I get this error:
[sssd[krb5_child[8541]]]: Key version is not available
I found that is problem with /etc/krb5.keytab file. But I tried to unroll
client,
move that file and join again, problem was same.
Please, does someone have some idea?
I would make sure all client caches were cleaned up, like:
~/.cache/ipa/
François
There is no one .cache folder under ~/home/
I have several users which connect but no one don’t have that .cache