Thanks for the great article.
Zak Wolfinger
1

Hello, Zak!

I’m glad this article is of some use to you.

Which version of FreeIPA are you running?

First thing I would do is to check 389 Directory Server error logs.

FreeIPA uses 389 Directory Server as an LDAP-backend.

Usually, these logs are located here:

/var/log/dirsrv/slapd-%your_realm_name%/

Also, you can use an LDAP browser, to check the user accounts, which are having issues with ipaNTHash.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.