我最近在 RHEL7 上安装了 FreeIPA。这似乎运行良好几个小时,然后对 ipa 的调用开始失败并出现以下错误。
ipa: ERROR: No valid Negotiate header in server response
==================================================
[root ~]# ipa -v user-find --all
ipa: INFO: trying https://xxx.xxx.xxx.xxx/ipa/json
ipa: INFO: [try 1]: Forwarding 'user_find/1' to json server 'https://xxx.xxx.xxx.xxx/ipa/json'
ipa: ERROR: No valid Negotiate header in server response
-=================================================
[I have masked the hostnames with 'xxx']
在 /var/log/httpd/error_log - 我看到以下错误。
[Thu Dec 14 15:50:23.413286 2017] [auth_gssapi:error] [pid 10694] [client xxx.xxx.xxx.xxx:50198] GSS ERROR In Negotiate Auth: gss_accept_sec_context() failed: [Unspecified GSS failure. Minor code may provide more information ( Request ticket server HTTP/xxx.xxxx.xxxx.xxx@EC2.INTERNAL kvno 2 not found in keytab; keytab is likely out of date)], referer: https://xxx.xxx.xxx.xxx/ipa/xml
可能的原因是什么?看起来有些配置错误。