A.3. Investigating IdM Web UI Authentication Failures

download PDF
  1. Make sure the user can authenticate from the command line using the kinit utility. If the authentication fails, see also Section A.2, “Investigating kinit Authentication Failures”.
  2. Make sure that the httpd and dirsrv services on the affected server are running:
    # systemctl status httpd.service
    # systemctl status dirsrv@IPA-EXAMPLE-COM.service
  3. Make sure no related SELinux Access Vector Cache (AVC) messages are logged in the /var/log/audit/audit.log and /var/log/messages files.
    See Basic SELinux Troubleshooting in CLI in the Red Hat Knowledgebase for details on resolving AVC messages.
  4. Make sure that cookies are enabled on the browser from which you are authenticating.
  5. Make sure that the time difference between the IdM server and the system on which you are authenticating is 5 minutes at the most.
  6. Review the Apache error log: /var/log/httpd/error_log.
  7. Enable verbose logging for the authentication process to help diagnose the problem. See Troubleshooting Firefox Kerberos Configuration in the System-Level Authentication Guide for advice on how to enable verbose logging in Firefox.
If you are having problems when logging in using certificates:
  1. In the /etc/httpd/conf.d/nss.conf file, change the LogLevel attribute to info.
  2. Restart the Apache server:
    # systemctl restart httpd
  3. Try logging in with the certificate again.
  4. Review the Apache error log: /var/log/httpd/error_log.
    The log shows messages recorded by the mod_lookup_identity module, including information about whether the module successfully matched the user during the login attempt or not.

Related Information

Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.