Odd, must have clicked reply instead of reply-all. Anyway, I did the revert and re-install. Actual install went through fine then the "ipa-server-install" ran until this:
[8/9]: restoring configuration [9/9]: starting directory server Done. Restarting the directory server Restarting the KDC Please add records in this file to your DNS system: /tmp/ipa.system.records.v5Jwrt.db Restarting the web server Configuring client side components Using existing certificate '/etc/ipa/ca.crt'. Client hostname: ipa.rdlg.net Realm: RDLG.NET DNS Domain: rdlg.net IPA Server: ipa.rdlg.net BaseDN: dc=rdlg,dc=net Skipping synchronizing time with NTP server. New SSSD config will be created Configured sudoers in /etc/nsswitch.conf Configured /etc/sssd/sssd.conf trying https://ipa.rdlg.net/ipa/json Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json' It's been sitting there for a while ( 4 hours? ) I don't see anyting in the ipaserver-install.log, but it's here: https://pastebin.com/biK1Dmv7 On Thu, May 11, 2017 at 8:12 AM Martin Bašti <mba...@redhat.com> wrote: > Please keep freeipa-users in CC > > Snapshot is always better, so I suggest to use it. Otherwise there is an > option --ignore-last-of-role to unblock uninstallation. > > Martin > > On 11.05.2017 16:00, Robert L. Harris wrote: > > > Looks like you hit it, apache didn't have a group: > > -- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu 2017-05-11 > 07:48:27 MDT. -- > May 10 20:36:00 ipa.rdlg.net systemd[1]: Starting The Apache HTTP > Server... > May 10 20:36:00 ipa.rdlg.net ipa-httpd-kdcproxy[28808]: ipa : > INFO KDC proxy enabled > May 10 20:36:00 ipa.rdlg.net httpd[28809]: AH00544: httpd: bad group name > apache > May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: main process > exited, code=exited, status=1/FAILURE > May 10 20:36:00 ipa.rdlg.net kill[28812]: kill: cannot find process "" > May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: control process > exited, code=exited status=1 > May 10 20:36:00 ipa.rdlg.net systemd[1]: Failed to start The Apache HTTP > Server. > May 10 20:36:00 ipa.rdlg.net systemd[1]: Unit httpd.service entered > failed state. > May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service failed. > > Thanks, didn't know that command. I tried to continue the process: > > {0}:/root>ipa-server-install > > The log file for this installation can be found in > /var/log/ipaserver-install.log > ipa.ipapython.install.cli.install_tool(Server): ERROR IPA server is > already configured on this system. > If you want to reinstall the IPA server, please uninstall it first using > 'ipa-server-install --uninstall'. > ipa.ipapython.install.cli.install_tool(Server): ERROR The > ipa-server-install command failed. See /var/log/ipaserver-install.log for > more information > > root@ipa > {1}:/root>ipa-server-install --uninstall > > This is a NON REVERSIBLE operation and will delete all data and > configuration! > > Are you sure you want to continue with the uninstall procedure? [no]: yes > ipa : ERROR Server removal aborted: Deleting this server is not > allowed as it would leave your installation without a CA.. > > > > This is a VM and I took a snapshot right before I started the install, so > I can revert, just make sure ti add the apache user before starting the > install. Or if you have a better command to continue the > clean-up/install..... > > > On Thu, May 11, 2017 at 2:19 AM Martin Bašti <mba...@redhat.com> wrote: > >> Hello, >> >> comments inline >> >> On 11.05.2017 06:06, Robert L. Harris wrote: >> >> >> Sigh... Sorry, it's been a long day, I thought I put that log in the >> first pastebin. It's in this one: https://pastebin.com/18PAXXNS >> >> >> Could you please provide journalctl -u httpd and /var/log/httpd/error_log >> ? >> >> >> >> >> Also, >> Anyone else get the constant spam when mailing this list? Got an >> address to block for it? >> >> >> Sorry for that, there is a bot mining public archives. We plan to resolve >> this issue but it may take time as we are not maintaining our mailman. >> >> Martin >> >> >> >> Robert >> >> >> >> >> On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman <data...@gmail.com> >> wrote: >> >>> Robert, did you look in /var/log/ipaserver-install.log as it says? >>> >>> Was there any other information? >>> >>> cheers >>> L. >>> >>> ------ >>> "Mission Statement: To provide hope and inspiration for collective >>> action, to build collective power, to achieve collective transformation, >>> rooted in grief and rage but pointed towards vision and dreams." >>> >>> - Patrice Cullors, *Black Lives Matter founder* >>> >>> On 11 May 2017 at 13:24, Robert L. Harris <robert.l.har...@gmail.com> >>> wrote: >>> >>>> Ok, I gave up on Ubuntu. I'm now trying the latest CentOS7. I built >>>> out a "minimal server" with some normal base packages which did include the >>>> freeipa-client but otherwise, just standard tools. Here's a pastebin of >>>> the output of the install: https://pastebin.com/zAWCgkUU >>>> >>>> Robert >>>> >>>> >>>> -- >>>> Manage your subscription for the Freeipa-users mailing list: >>>> https://www.redhat.com/mailman/listinfo/freeipa-users >>>> Go to http://freeipa.org for more info on the project >>>> >>> >>> -- >>> Manage your subscription for the Freeipa-users mailing list: >>> https://www.redhat.com/mailman/listinfo/freeipa-users >>> Go to http://freeipa.org for more info on the project >> >> >> >> >> -- >> Martin Bašti >> Software Engineer >> Red Hat Czech >> >> > -- > Martin Bašti > Software Engineer > Red Hat Czech > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project