freeipa/ipaserver
Florence Blanc-Renaud e2d69380fb AD user without override receive InternalServerError with API
When ipa commands are used by an Active Directory user that
does not have any idoverride-user set, they return the
following error message which can be misleading:
$ kinit aduser@ADDOMAIN.COM
$ ipa ping
ipa: ERROR: cannot connect to 'https://master.ipa.com/ipa/json': Internal Server Error

The fix properly handles ACIError exception received when
creating the context, and now the following message can be seen:

$ kinit aduser@ADDOMAIN.COM
$ ipa ping
ipa: ERROR: cannot connect to 'https://master.ipa.com/ipa/json': Unauthorized

with the following log in /var/log/httpd/error_log:
ipa: INFO: 401 Unauthorized: Insufficient access:  Invalid credentials

Fixes: https://pagure.io/freeipa/issue/8163
Reviewed-By: Alexander Bokovoy <abbra@users.noreply.github.com>
2020-01-10 17:07:57 +01:00
..
advise smartcard: make the ipa-advise script compatible with authselect/authconfig 2019-11-08 12:57:54 +01:00
dnssec Add ODS manager abstraction to ipaplatform 2019-04-24 14:08:20 +02:00
install removed unused function export_pem_p12 2019-12-17 09:18:37 +01:00
plugins ipaserver/plugins/dns.py: add "Dynamic Update" and "Bind update policy" to default dnszone* output 2020-01-06 09:42:21 -05:00
secrets NSSWrappedCertDB: accept optional symmetric algorithm 2019-09-25 12:42:06 +10:00
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
dcerpc_common.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
dcerpc.py Fix get_trusted_domain_object_from_sid() 2019-12-12 09:58:16 +01:00
dns_data_management.py Removed unnecessary imports after code review. 2019-09-27 09:38:32 +02:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
masters.py Add hidden replica feature 2019-03-28 17:57:58 +01:00
p11helper.py Add PKCS#11 module name to p11helper errors 2019-07-25 15:16:33 -04:00
rpcserver.py AD user without override receive InternalServerError with API 2020-01-10 17:07:57 +01:00
servroles.py Consider configured servers as valid 2019-04-29 16:51:40 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Move Custodia secrets handler to scripts 2019-04-26 12:09:22 +02:00
topology.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00