[Freeipa-users] Re: demo1.freeipa.org

Alexander Bokovoy via FreeIPA-users Tue, 09 Jul 2024 05:03:16 -0700

On Аўт, 09 ліп 2024, veck zuo via FreeIPA-users wrote:

I am deploying the freeIPA demo follwing below link.


https://www.freeipa.org/page/Demo

[root@localhost ~]# ping www.google.com
PING www.google.com (142.250.196.68) 56(84) bytes of data.
64 bytes from maa03s46-in-f4.1e100.net (142.250.196.68): icmp_seq=1 ttl=128 
time=347 ms
64 bytes from maa03s46-in-f4.1e100.net (142.250.196.68): icmp_seq=2 ttl=128 
time=348 ms
^C
--- www.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 346.995/347.316/347.637/0.321 ms
[root@localhost ~]#


[root@localhost ~]# ipa-client-install --domain demo1.freeipa.org -p admin -w 
Secret123
This program will set up IPA client.
Version 4.9.13

Skip ipa.demo1.freeipa.org: LDAP server is not responding, unable to verify if 
this is an IPA server
Skip ipa.demo1.freeipa.org: LDAP server is not responding, unable to verify if 
this is an IPA server
Provide your IPA server name (ex: ipa.example.com): ^CThe ipa-client-install 
command failed. See /var/log/ipaclient-install.log for more information


This really looks like your network is filtering out access to LDAP
ports on ipa.demo1.freeipa.org.

$ nmap ipa.demo1.freeipa.org
Starting Nmap 7.95 ( https://nmap.org ) at 2024-07-09 15:01 EEST
Nmap scan report for ipa.demo1.freeipa.org (52.57.162.88)
Host is up (0.030s latency).
Not shown: 991 filtered tcp ports (no-response)
PORT     STATE  SERVICE
22/tcp   open   ssh
53/tcp   open   domain
80/tcp   open   http
88/tcp   open   kerberos-sec
389/tcp  open   ldap
443/tcp  open   https
464/tcp  open   kpasswd5
636/tcp  open   ldapssl
9090/tcp closed zeus-admin

Nmap done: 1 IP address (1 host up) scanned in 4.98 seconds

and I have no problem reaching it:

$ ldapsearch -x -H ldap://ipa.demo1.freeipa.org -b '' -s base
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#

#
dn:
objectClass: top
namingContexts: dc=demo1,dc=freeipa,dc=org
namingContexts: cn=changelog
namingContexts: o=ipaca
defaultnamingcontext: dc=demo1,dc=freeipa,dc=org
....



--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland

--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Freeipa-users] Re: demo1.freeipa.org

Reply via email to