I was tailing several logs in /var/log/pki/pki-tomcat/ca/ (debug, system, and
transactions) and though the replica installation failed again at the same
point, this is what I got from the logs throughout the installation process:
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
SecurityDomainResource.getDomainInfo()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
mapping: default
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
required auth methods: [*]
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
anonymous access allowed
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor:
SecurityDomainResource.getDomainInfo()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: No ACL
mapping.
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: SecurityDomainResource.getDomainInfo()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: content-type: null
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: accept: [application/json]
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: response format: application/json
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: according to ccMode,
authorization for servlet: securitydomain is LDAP based, not XML {1}, use
default authz mgr: {2}.
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: LdapBoundConnFactory:
init
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
LdapBoundConnFactory:doCloning true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: LdapAuthInfo: init()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: LdapAuthInfo: init begins
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: LdapAuthInfo: init ends
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: init: before
makeConnection errorIfDown is false
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: makeConnection:
errorIfDown false
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: LdapJssSSLSocket set
client auth cert nicknamesubsystemCert cert-pki-ca
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SSL handshake happened
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: Established LDAP
connection with SSL client auth to ipa1.our.net:636
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: initializing with
mininum 3 and maximum 15 connections to host ipa1.our.net port 636, secure
connection, true, authentication type 2
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: increasing minimum
connections by 3
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: new total available
connections 3
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: new number of
connections 3
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: In
LdapBoundConnFactory::getConn()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: masterConn is connected:
true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: getConn: conn is
connected true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: getConn: mNumConns now 2
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
name: IPA
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
subtype: CA
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- cn=ipa1.our.net:443,cn=CAList,ou=Security Domain,o=ipaca
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- objectClass: top
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- host: ipa1.our.net
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- SecurePort: 443
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- SecureAgentPort: 443
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- SecureAdminPort: 443
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- SecureEEClientAuthPort: 443
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- UnSecurePort: 80
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- Clone: FALSE
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- SubsystemName: CA ipa1.our.net 8443
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- cn: ipa1.our.net:443
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
- DomainManager: TRUE
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
subtype: OCSP
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
subtype: KRA
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
subtype: RA
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
subtype: TKS
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SecurityDomainProcessor:
subtype: TPS
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: Releasing ldap connection
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: returnConn: mNumConns
now 3
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: Authentication: UID=admin
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: In
LdapBoundConnFactory::getConn()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: masterConn is connected:
true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: getConn: conn is
connected true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: getConn: mNumConns now 2
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
LdapAnonConnFactory::getConn
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]:
LdapAnonConnFactory.getConn(): num avail conns now 2
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: returnConn: mNumConns
now 3
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: SSL handshake happened
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: returnConn: mNumConns
now 2
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: In
LdapBoundConnFactory::getConn()
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: masterConn is connected:
true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: getConn: conn is
connected true
[08/Jun/2021:06:35:45][ajp-bio-127.0.0.1-8009-exec-2]: getConn: mNumConns now 2
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: returnConn: mNumConns
now 3
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: In
LdapBoundConnFactory::getConn()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: masterConn is connected:
true
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: getConn: conn is
connected true
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: getConn: mNumConns now 2
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: returnConn: mNumConns
now 3
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: In
LdapBoundConnFactory::getConn()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: masterConn is connected:
true
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: getConn: conn is
connected true
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: getConn: mNumConns now 2
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: returnConn: mNumConns
now 3
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
AccountResource.login()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
mapping: account
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
required auth methods: [passwdUserDBAuthMgr, certUserDBAuthMgr]
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
authentication manager: passwdUserDBAuthMgr
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
access granted
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor:
AccountResource.login()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: mapping:
account.login
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor:
principal: admin
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: ACL:
certServer.ca.account,login
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: checkACLS(): ACLEntry
expressions= user="anybody"
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: evaluating expressions:
user="anybody"
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: evaluated expression:
user="anybody" to be true
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: DirAclAuthz:
authorization passed
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: access
granted
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: AccountResource.login()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: content-type: null
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: accept: [application/json]
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: response format: application/json
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
AccountResource.logout()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
mapping: account
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
required auth methods: [passwdUserDBAuthMgr, certUserDBAuthMgr]
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
authentication manager: passwdUserDBAuthMgr
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: AuthMethodInterceptor:
access granted
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor:
AccountResource.logout()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: mapping:
account.logout
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor:
principal: admin
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: ACL:
certServer.ca.account,logout
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: checkACLS(): ACLEntry
expressions= user="anybody"
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: evaluating expressions:
user="anybody"
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: evaluated expression:
user="anybody" to be true
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: DirAclAuthz:
authorization passed
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]: ACLInterceptor: access
granted
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: AccountResource.logout()
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: content-type: null
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: accept: [application/json]
[08/Jun/2021:06:35:46][ajp-bio-127.0.0.1-8009-exec-2]:
MessageFormatInterceptor: response format: application/json
It again failed at this point:
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
[1/30]: configuring certificate server instance
ipaserver.install.dogtaginstance: CRITICAL Failed to configure CA instance:
Command '/usr/sbin/pkispawn -s CA -f /tmp/tmph2SUT4' returned non-zero exit
status 1
ipaserver.install.dogtaginstance: CRITICAL See the installation logs and the
following files/directories for more information:
ipaserver.install.dogtaginstance: CRITICAL /var/log/pki/pki-tomcat
[error] RuntimeError: CA configuration failed.
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
ipapython.admintool: ERROR CA configuration failed.
ipapython.admintool: ERROR The ipa-replica-install command failed. See
/var/log/ipareplica-install.log for more information
Is there another way to transfer or duplicate the CA? We are ultimately
planning to shut this box down due to its age, and currently it is the only CA,
but it seems to be trying to hang on to its job security... ;-)
--
Bret Wortman
bret.wort...@damascusgrp.com
On Mon, Jun 7, 2021, at 11:13 AM, Bret Wortman via FreeIPA-users wrote:
> You were absolutely correct, the flag worked, and the config-show did
> not show a CRL server at all.
>
> I'll dig into the ca logs next.
>
>
> --
> Bret Wortman
> bret.wort...@damascusgrp.com
>
> On Mon, Jun 7, 2021, at 11:07 AM, Rob Crittenden wrote:
> > Bret Wortman wrote:
> > > I cleaned up the contents of our ldap manually, re-created the replica
> > > file, and got a lot further than we have before but ipa-replica-install
> > > still failed as below:
> > >
> > > Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
> > > [1/30]: configuring certificate server instance
> > > ipaserver.install.dogtaginstance: CRITICAL Failed to configure CA
> > > instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmphvJyRY' returned
> > > non-zero exit status 1
> > > ipaserver.install.dogtaginstance: CRITICAL See the installation logs and
> > > the following files/directories for more information:
> > > ipaserver.install.dogtaginstance: CRITICAL /var/log/pki/pki-tomcat
> > > [error] RuntimeError: CA configuration failed.
> > > Your system may be partly configured.
> > > Run /usr/sbin/ipa-server-install --uninstall to clean up.
> >
> > If the pkispawn fails you need to dig into the CA logging for any
> > details. It just gives us a pass/fail to IPA.
> >
> > > ipapython.admintool: ERROR CA configuration failed.
> > > ipapython.admintool: ERROR The ipa-replica-install command failed. See
> > > /var/log/ipareplica-install.log for more information
> > > [root@ipa2c7 ~]# ipa-server-install --uninstall -U
> > > ipapython.admintool: ERROR Unable to read
> > > /etc/httpd/conf.d/ipa-pki-proxy.conf
> > > ipapython.admintool: ERROR The ipa-server-install command failed. See
> > > /var/log/ipaserver-uninstall.log for more information
> > > [root@ipa2c7 ~]# touch /etc/httpd/conf.d/ipa-pki-proxy.conf
> > > [root@ipa2c7 ~]# ipa-server-install --uninstall -U
> > > Deleting this server will leave your installation without a CRL
> > > generation master.
> > > ipapython.admintool: ERROR Aborting uninstall operation.
> > > ipapython.admintool: ERROR The ipa-server-install command failed. See
> > > /var/log/ipaserver-uninstall.log for more information
> >
> > This is most likely a red herring. Your current version is old enough
> > that it may not store who the CRL management server is. On the existing
> > server us ipa config-show to find out.
> >
> > You can add --igore-last-of-role to skip this I believe.
> >
> > rob
> >
> > >
> > > It looks to have failed in such a way that it doesn't know how to back
> > > out again, which I haven't seen before. Thoughts? The error in
> > > ipa-uninstall.log looks like a generic admintool.py error:
> > >
> > > 2021-06-07T12:31:38Z DEBUG retrieving schema for SchemaCache
> > > url=ldapi://%2fvar%2frun%2fslapd-OUR-NET.socket
> > > conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f05289fdf80>
> > > 2021-06-07T12:31:38Z DEBUG raw: config_show(version=u'2.237')
> > > 2021-06-07T12:31:38Z DEBUG config_show(rights=False, all=False,
> > > raw=False, version=u'2.237')
> > > 2021-06-07T12:31:38Z DEBUG File
> > > "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in
> > > execute
> > > return_value = self.run()
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line
> > > 319, in run
> > > return cfgr.run()
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 358, in run
> > > self.validate()
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 368, in validate
> > > for _nothing in self._validator():
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 431, in __runner
> > > exc_handler(exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 455, in _handle_validate_exception
> > > self._handle_exception(exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 450, in _handle_exception
> > > six.reraise(*exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 421, in __runner
> > > step()
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 418, in <lambda>
> > > step = lambda: next(self.__gen)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line
> > > 81, in run_generator_with_yield_from
> > > six.reraise(*exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line
> > > 59, in run_generator_with_yield_from
> > > value = gen.send(prev_value)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 633, in _configure
> > > next(validator)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 431, in __runner
> > > exc_handler(exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 455, in _handle_validate_exception
> > > self._handle_exception(exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 518, in _handle_exception
> > > self.__parent._handle_exception(exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 450, in _handle_exception
> > > six.reraise(*exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 515, in _handle_exception
> > > super(ComponentBase, self)._handle_exception(exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 450, in _handle_exception
> > > six.reraise(*exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 421, in __runner
> > > step()
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line
> > > 418, in <lambda>
> > > step = lambda: next(self.__gen)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line
> > > 81, in run_generator_with_yield_from
> > > six.reraise(*exc_info)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line
> > > 59, in run_generator_with_yield_from
> > > value = gen.send(prev_value)
> > > File "/usr/lib/python2.7/site-packages/ipapython/install/common.py",
> > > line 73, in _uninstall
> > > for unused in self._uninstaller(self.parent):
> > > File
> > > "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py",
> > > line 594, in main
> > > uninstall_check(self)
> > > File
> > > "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py",
> > > line 250, in decorated
> > > func(installer)
> > > File
> > > "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py",
> > > line 1030, in uninstall_check
> > > ca.uninstall_check(options)
> > > File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line
> > > 127, in uninstall_check
> > > raise ScriptError("Aborting uninstall operation.")
> > >
> > > 2021-06-07T12:31:38Z DEBUG The ipa-server-install command failed,
> > > exception: ScriptError: Aborting uninstall operation.
> > > 2021-06-07T12:31:38Z ERROR Aborting uninstall operation.
> > > 2021-06-07T12:31:38Z ERROR The ipa-server-install command failed. See
> > > /var/log/ipaserver-uninstall.log for more information
> > >
> > >
> >
> >
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to
> freeipa-users-le...@lists.fedorahosted.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
