Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-17 Thread Robert L. Harris
   Ok, I reverted to a completely fresh install, literally just after the
first reboot.  It installed cleanly.  So there's something in a package
upgrade that's breaking things.  I may try to figure it out later.

On Tue, May 16, 2017 at 3:08 PM Dagan McGregor  wrote:

> On 17 May 2017 8:50:02 AM NZST, "Robert L. Harris" <
> robert.l.har...@gmail.com> wrote:
>>
>>   I can, though that's what I did 2 days ago, fresh install from latest
>> ISO.
>>
>>
>> On Tue, May 16, 2017 at 2:40 PM Andrew Holway 
>> wrote:
>>
>>> I have a feeling that there is something broken with your image. Could
>>> you try installing Centos from ISO?
>>>
>>>
>>> On 16 May 2017 at 22:37, Robert L. Harris 
>>> wrote:
>>>

 I left SELinux enabled, no change, still streaming the same error:

 [Tue May 16 14:36:48.957848 2017] [:error] [pid 10780] NSS_Initialize
 failed. Certificate database: /etc/httpd/alias.
 [Tue May 16 14:36:48.957883 2017] [:error] [pid 10780] SSL Library
 Error: -8038 SEC_ERROR_NOT_INITIALIZED
 [Tue May 16 14:36:48.957886 2017] [:error] [pid 10780] Does the NSS
 database exist?



 On Tue, May 16, 2017 at 2:12 PM Andrew Holway 
 wrote:

> Yea, I would try installing IPA then making the changes that you want.
> I think SELinux should be left enabled however. It makes admin super fun! 
> :)
>
>
> On 16 May 2017 at 21:57, Robert L. Harris 
> wrote:
>
>>
>> I did disable selinux as it gave errors setting up my standard users,
>> etc.  I can roll back the snapshot, set it at 4Gigs of RAM and re-enable
>> selinux and then try again.
>>
>>
>> On Tue, May 16, 2017 at 1:52 PM Andrew Holway <
>> andrew.hol...@gmail.com> wrote:
>>
>>> This is pretty weird. FreeIPA installation normally works.
>>>
>>> Has the operating system image been changed or optimised somehow?
>>> Perhaps SELinux has been disabled? Have you tried installing Centos7 
>>> from
>>> the ISO?
>>>
>>> On 16 May 2017 at 21:48, Robert L. Harris wrote:
>>>

2 Gigs, it's a VM.  The VM didn't report any memory issues ( no
 alarms on VMWare )


 On Tue, May 16, 2017 at 12:29 PM Andrew Holway <
 andrew.hol...@gmail.com> wrote:

> Hallo,
>
> How much memory do you have on the machine. I have a sneaking
> suspicion that you're running out.
>
> Ta,
>
> Andrew
>
> On 16 May 2017 at 17:16, Robert L. Harris <
> robert.l.har...@gmail.com> wrote:
>
>>
>> Last night I rolled back my snapshot.  Here's what I have after
>> the yum install
>>
>> "minimal" install of Centos7 + basic build.
>> {0}:/var/log>cat /etc/*elease
>> CentOS Linux release 7.3.1611 (Core)
>> NAME="CentOS Linux"
>> VERSION="7 (Core)"
>> ID="centos"
>> ID_LIKE="rhel fedora"
>> VERSION_ID="7"
>> PRETTY_NAME="CentOS Linux 7 (Core)"
>> ANSI_COLOR="0;31"
>> CPE_NAME="cpe:/o:centos:centos:7"
>> HOME_URL="https://www.centos.org/"
>> BUG_REPORT_URL="https://bugs.centos.org/"
>>
>> CENTOS_MANTISBT_PROJECT="CentOS-7"
>> CENTOS_MANTISBT_PROJECT_VERSION="7"
>> REDHAT_SUPPORT_PRODUCT="centos"
>> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>>
>> CentOS Linux release 7.3.1611 (Core)
>> CentOS Linux release 7.3.1611 (Core)
>>
>>
>> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
>> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
>> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
>> ipa-common-4.4.0-14.el7.centos.7.noarch
>> perl-HTTP-Tiny-0.033-3.el7.noarch
>> python-iniparse-0.4-9.el7.noarch
>> ipa-client-common-4.4.0-14.el7.centos.7.noarch
>> pam_krb5-2.4.8-6.el7.x86_64
>> sssd-krb5-1.14.0-43.el7_3.14.x86_64
>> python-ipaddress-1.0.16-2.el7.noarch
>> python2-ipalib-4.4.0-14.el7.centos.7.noarch
>> krb5-libs-1.14.1-27.el7_3.x86_64
>> libipa_hbac-1.14.0-43.el7_3.14.x86_64
>> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
>> sssd-ipa-1.14.0-43.el7_3.14.x86_64
>> krb5-workstation-1.14.1-27.el7_3.x86_64
>> ipa-client-4.4.0-14.el7.centos.7.x86_64
>>
>> Tried to pull an exact client.  The "yum install ipa-server" went
>> fine:
>>
>> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
>> ipa-server-4.4.0-14.el7.centos.7.x86_64
>> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>>
>>
>> "ipa-server-install" ran clean but has been stuck for 2 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Dagan McGregor
On 17 May 2017 8:50:02 AM NZST, "Robert L. Harris"  
wrote:
>I can, though that's what I did 2 days ago, fresh install from latest
>ISO.
>
>
>On Tue, May 16, 2017 at 2:40 PM Andrew Holway 
>wrote:
>
>> I have a feeling that there is something broken with your image.
>Could you
>> try installing Centos from ISO?
>>
>>
>> On 16 May 2017 at 22:37, Robert L. Harris 
>> wrote:
>>
>>>
>>> I left SELinux enabled, no change, still streaming the same error:
>>>
>>> [Tue May 16 14:36:48.957848 2017] [:error] [pid 10780]
>NSS_Initialize
>>> failed. Certificate database: /etc/httpd/alias.
>>> [Tue May 16 14:36:48.957883 2017] [:error] [pid 10780] SSL Library
>Error:
>>> -8038 SEC_ERROR_NOT_INITIALIZED
>>> [Tue May 16 14:36:48.957886 2017] [:error] [pid 10780] Does the NSS
>>> database exist?
>>>
>>>
>>>
>>> On Tue, May 16, 2017 at 2:12 PM Andrew Holway
>
>>> wrote:
>>>
 Yea, I would try installing IPA then making the changes that you
>want. I
 think SELinux should be left enabled however. It makes admin super
>fun! :)


 On 16 May 2017 at 21:57, Robert L. Harris
>
 wrote:

>
> I did disable selinux as it gave errors setting up my standard
>users,
> etc.  I can roll back the snapshot, set it at 4Gigs of RAM and
>re-enable
> selinux and then try again.
>
>
> On Tue, May 16, 2017 at 1:52 PM Andrew Holway
>
> wrote:
>
>> This is pretty weird. FreeIPA installation normally works.
>>
>> Has the operating system image been changed or optimised somehow?
>> Perhaps SELinux has been disabled? Have you tried installing
>Centos7 from
>> the ISO?
>>
>> On 16 May 2017 at 21:48, Robert L. Harris
>
>> wrote:
>>
>>>
>>>2 Gigs, it's a VM.  The VM didn't report any memory issues (
>no
>>> alarms on VMWare )
>>>
>>>
>>> On Tue, May 16, 2017 at 12:29 PM Andrew Holway <
>>> andrew.hol...@gmail.com> wrote:
>>>
 Hallo,

 How much memory do you have on the machine. I have a sneaking
 suspicion that you're running out.

 Ta,

 Andrew

 On 16 May 2017 at 17:16, Robert L. Harris
> wrote:

>
> Last night I rolled back my snapshot.  Here's what I have
>after the
> yum install
>
> "minimal" install of Centos7 + basic build.
> {0}:/var/log>cat /etc/*elease
> CentOS Linux release 7.3.1611 (Core)
> NAME="CentOS Linux"
> VERSION="7 (Core)"
> ID="centos"
> ID_LIKE="rhel fedora"
> VERSION_ID="7"
> PRETTY_NAME="CentOS Linux 7 (Core)"
> ANSI_COLOR="0;31"
> CPE_NAME="cpe:/o:centos:centos:7"
> HOME_URL="https://www.centos.org/"
> BUG_REPORT_URL="https://bugs.centos.org/"
>
> CENTOS_MANTISBT_PROJECT="CentOS-7"
> CENTOS_MANTISBT_PROJECT_VERSION="7"
> REDHAT_SUPPORT_PRODUCT="centos"
> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>
> CentOS Linux release 7.3.1611 (Core)
> CentOS Linux release 7.3.1611 (Core)
>
>
> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
> ipa-common-4.4.0-14.el7.centos.7.noarch
> perl-HTTP-Tiny-0.033-3.el7.noarch
> python-iniparse-0.4-9.el7.noarch
> ipa-client-common-4.4.0-14.el7.centos.7.noarch
> pam_krb5-2.4.8-6.el7.x86_64
> sssd-krb5-1.14.0-43.el7_3.14.x86_64
> python-ipaddress-1.0.16-2.el7.noarch
> python2-ipalib-4.4.0-14.el7.centos.7.noarch
> krb5-libs-1.14.1-27.el7_3.x86_64
> libipa_hbac-1.14.0-43.el7_3.14.x86_64
> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
> sssd-ipa-1.14.0-43.el7_3.14.x86_64
> krb5-workstation-1.14.1-27.el7_3.x86_64
> ipa-client-4.4.0-14.el7.centos.7.x86_64
>
> Tried to pull an exact client.  The "yum install ipa-server"
>went
> fine:
>
> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
> ipa-server-4.4.0-14.el7.centos.7.x86_64
> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>
>
> "ipa-server-install" ran clean but has been stuck for 2 days:
>
> Restarting the directory server
> Restarting the KDC
> Please add records in this file to your DNS system:
> /tmp/ipa.system.records.qLsLyx.db
> Restarting the web server
> Configuring client side components
> Using existing certificate '/etc/ipa/ca.crt'.
> Client hostname: ipa.rdlg.net
> Realm: RDLG.NET
> DNS Domain: rdlg.net

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Robert L. Harris
  I can, though that's what I did 2 days ago, fresh install from latest ISO.


On Tue, May 16, 2017 at 2:40 PM Andrew Holway 
wrote:

> I have a feeling that there is something broken with your image. Could you
> try installing Centos from ISO?
>
>
> On 16 May 2017 at 22:37, Robert L. Harris 
> wrote:
>
>>
>> I left SELinux enabled, no change, still streaming the same error:
>>
>> [Tue May 16 14:36:48.957848 2017] [:error] [pid 10780] NSS_Initialize
>> failed. Certificate database: /etc/httpd/alias.
>> [Tue May 16 14:36:48.957883 2017] [:error] [pid 10780] SSL Library Error:
>> -8038 SEC_ERROR_NOT_INITIALIZED
>> [Tue May 16 14:36:48.957886 2017] [:error] [pid 10780] Does the NSS
>> database exist?
>>
>>
>>
>> On Tue, May 16, 2017 at 2:12 PM Andrew Holway 
>> wrote:
>>
>>> Yea, I would try installing IPA then making the changes that you want. I
>>> think SELinux should be left enabled however. It makes admin super fun! :)
>>>
>>>
>>> On 16 May 2017 at 21:57, Robert L. Harris 
>>> wrote:
>>>

 I did disable selinux as it gave errors setting up my standard users,
 etc.  I can roll back the snapshot, set it at 4Gigs of RAM and re-enable
 selinux and then try again.


 On Tue, May 16, 2017 at 1:52 PM Andrew Holway 
 wrote:

> This is pretty weird. FreeIPA installation normally works.
>
> Has the operating system image been changed or optimised somehow?
> Perhaps SELinux has been disabled? Have you tried installing Centos7 from
> the ISO?
>
> On 16 May 2017 at 21:48, Robert L. Harris 
> wrote:
>
>>
>>2 Gigs, it's a VM.  The VM didn't report any memory issues ( no
>> alarms on VMWare )
>>
>>
>> On Tue, May 16, 2017 at 12:29 PM Andrew Holway <
>> andrew.hol...@gmail.com> wrote:
>>
>>> Hallo,
>>>
>>> How much memory do you have on the machine. I have a sneaking
>>> suspicion that you're running out.
>>>
>>> Ta,
>>>
>>> Andrew
>>>
>>> On 16 May 2017 at 17:16, Robert L. Harris wrote:
>>>

 Last night I rolled back my snapshot.  Here's what I have after the
 yum install

 "minimal" install of Centos7 + basic build.
 {0}:/var/log>cat /etc/*elease
 CentOS Linux release 7.3.1611 (Core)
 NAME="CentOS Linux"
 VERSION="7 (Core)"
 ID="centos"
 ID_LIKE="rhel fedora"
 VERSION_ID="7"
 PRETTY_NAME="CentOS Linux 7 (Core)"
 ANSI_COLOR="0;31"
 CPE_NAME="cpe:/o:centos:centos:7"
 HOME_URL="https://www.centos.org/"
 BUG_REPORT_URL="https://bugs.centos.org/"

 CENTOS_MANTISBT_PROJECT="CentOS-7"
 CENTOS_MANTISBT_PROJECT_VERSION="7"
 REDHAT_SUPPORT_PRODUCT="centos"
 REDHAT_SUPPORT_PRODUCT_VERSION="7"

 CentOS Linux release 7.3.1611 (Core)
 CentOS Linux release 7.3.1611 (Core)


 {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
 sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
 python2-ipaclient-4.4.0-14.el7.centos.7.noarch
 ipa-common-4.4.0-14.el7.centos.7.noarch
 perl-HTTP-Tiny-0.033-3.el7.noarch
 python-iniparse-0.4-9.el7.noarch
 ipa-client-common-4.4.0-14.el7.centos.7.noarch
 pam_krb5-2.4.8-6.el7.x86_64
 sssd-krb5-1.14.0-43.el7_3.14.x86_64
 python-ipaddress-1.0.16-2.el7.noarch
 python2-ipalib-4.4.0-14.el7.centos.7.noarch
 krb5-libs-1.14.1-27.el7_3.x86_64
 libipa_hbac-1.14.0-43.el7_3.14.x86_64
 python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
 sssd-ipa-1.14.0-43.el7_3.14.x86_64
 krb5-workstation-1.14.1-27.el7_3.x86_64
 ipa-client-4.4.0-14.el7.centos.7.x86_64

 Tried to pull an exact client.  The "yum install ipa-server" went
 fine:

 {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
 ipa-server-4.4.0-14.el7.centos.7.x86_64
 ipa-server-common-4.4.0-14.el7.centos.7.noarch


 "ipa-server-install" ran clean but has been stuck for 2 days:

 Restarting the directory server
 Restarting the KDC
 Please add records in this file to your DNS system:
 /tmp/ipa.system.records.qLsLyx.db
 Restarting the web server
 Configuring client side components
 Using existing certificate '/etc/ipa/ca.crt'.
 Client hostname: ipa.rdlg.net
 Realm: RDLG.NET
 DNS Domain: rdlg.net
 IPA Server: ipa.rdlg.net
 BaseDN: dc=rdlg,dc=net

 Skipping synchronizing time with NTP server.
 New SSSD config will be created
 Configured sudoers in /etc/nsswitch.conf
 Configured 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Andrew Holway
I have a feeling that there is something broken with your image. Could you
try installing Centos from ISO?

On 16 May 2017 at 22:37, Robert L. Harris  wrote:

>
> I left SELinux enabled, no change, still streaming the same error:
>
> [Tue May 16 14:36:48.957848 2017] [:error] [pid 10780] NSS_Initialize
> failed. Certificate database: /etc/httpd/alias.
> [Tue May 16 14:36:48.957883 2017] [:error] [pid 10780] SSL Library Error:
> -8038 SEC_ERROR_NOT_INITIALIZED
> [Tue May 16 14:36:48.957886 2017] [:error] [pid 10780] Does the NSS
> database exist?
>
>
>
> On Tue, May 16, 2017 at 2:12 PM Andrew Holway 
> wrote:
>
>> Yea, I would try installing IPA then making the changes that you want. I
>> think SELinux should be left enabled however. It makes admin super fun! :)
>>
>>
>> On 16 May 2017 at 21:57, Robert L. Harris 
>> wrote:
>>
>>>
>>> I did disable selinux as it gave errors setting up my standard users,
>>> etc.  I can roll back the snapshot, set it at 4Gigs of RAM and re-enable
>>> selinux and then try again.
>>>
>>>
>>> On Tue, May 16, 2017 at 1:52 PM Andrew Holway 
>>> wrote:
>>>
 This is pretty weird. FreeIPA installation normally works.

 Has the operating system image been changed or optimised somehow?
 Perhaps SELinux has been disabled? Have you tried installing Centos7 from
 the ISO?

 On 16 May 2017 at 21:48, Robert L. Harris 
 wrote:

>
>2 Gigs, it's a VM.  The VM didn't report any memory issues ( no
> alarms on VMWare )
>
>
> On Tue, May 16, 2017 at 12:29 PM Andrew Holway <
> andrew.hol...@gmail.com> wrote:
>
>> Hallo,
>>
>> How much memory do you have on the machine. I have a sneaking
>> suspicion that you're running out.
>>
>> Ta,
>>
>> Andrew
>>
>> On 16 May 2017 at 17:16, Robert L. Harris 
>> wrote:
>>
>>>
>>> Last night I rolled back my snapshot.  Here's what I have after the
>>> yum install
>>>
>>> "minimal" install of Centos7 + basic build.
>>> {0}:/var/log>cat /etc/*elease
>>> CentOS Linux release 7.3.1611 (Core)
>>> NAME="CentOS Linux"
>>> VERSION="7 (Core)"
>>> ID="centos"
>>> ID_LIKE="rhel fedora"
>>> VERSION_ID="7"
>>> PRETTY_NAME="CentOS Linux 7 (Core)"
>>> ANSI_COLOR="0;31"
>>> CPE_NAME="cpe:/o:centos:centos:7"
>>> HOME_URL="https://www.centos.org/"
>>> BUG_REPORT_URL="https://bugs.centos.org/"
>>>
>>> CENTOS_MANTISBT_PROJECT="CentOS-7"
>>> CENTOS_MANTISBT_PROJECT_VERSION="7"
>>> REDHAT_SUPPORT_PRODUCT="centos"
>>> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>>>
>>> CentOS Linux release 7.3.1611 (Core)
>>> CentOS Linux release 7.3.1611 (Core)
>>>
>>>
>>> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
>>> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
>>> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
>>> ipa-common-4.4.0-14.el7.centos.7.noarch
>>> perl-HTTP-Tiny-0.033-3.el7.noarch
>>> python-iniparse-0.4-9.el7.noarch
>>> ipa-client-common-4.4.0-14.el7.centos.7.noarch
>>> pam_krb5-2.4.8-6.el7.x86_64
>>> sssd-krb5-1.14.0-43.el7_3.14.x86_64
>>> python-ipaddress-1.0.16-2.el7.noarch
>>> python2-ipalib-4.4.0-14.el7.centos.7.noarch
>>> krb5-libs-1.14.1-27.el7_3.x86_64
>>> libipa_hbac-1.14.0-43.el7_3.14.x86_64
>>> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
>>> sssd-ipa-1.14.0-43.el7_3.14.x86_64
>>> krb5-workstation-1.14.1-27.el7_3.x86_64
>>> ipa-client-4.4.0-14.el7.centos.7.x86_64
>>>
>>> Tried to pull an exact client.  The "yum install ipa-server" went
>>> fine:
>>>
>>> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
>>> ipa-server-4.4.0-14.el7.centos.7.x86_64
>>> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>>>
>>>
>>> "ipa-server-install" ran clean but has been stuck for 2 days:
>>>
>>> Restarting the directory server
>>> Restarting the KDC
>>> Please add records in this file to your DNS system:
>>> /tmp/ipa.system.records.qLsLyx.db
>>> Restarting the web server
>>> Configuring client side components
>>> Using existing certificate '/etc/ipa/ca.crt'.
>>> Client hostname: ipa.rdlg.net
>>> Realm: RDLG.NET
>>> DNS Domain: rdlg.net
>>> IPA Server: ipa.rdlg.net
>>> BaseDN: dc=rdlg,dc=net
>>>
>>> Skipping synchronizing time with NTP server.
>>> New SSSD config will be created
>>> Configured sudoers in /etc/nsswitch.conf
>>> Configured /etc/sssd/sssd.conf
>>> trying https://ipa.rdlg.net/ipa/json
>>> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>>>
>>> Checking the /var/log/httpd/error.log has 2 days of just this:
>>>
>>> [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Robert L. Harris
I left SELinux enabled, no change, still streaming the same error:

[Tue May 16 14:36:48.957848 2017] [:error] [pid 10780] NSS_Initialize
failed. Certificate database: /etc/httpd/alias.
[Tue May 16 14:36:48.957883 2017] [:error] [pid 10780] SSL Library Error:
-8038 SEC_ERROR_NOT_INITIALIZED
[Tue May 16 14:36:48.957886 2017] [:error] [pid 10780] Does the NSS
database exist?



On Tue, May 16, 2017 at 2:12 PM Andrew Holway 
wrote:

> Yea, I would try installing IPA then making the changes that you want. I
> think SELinux should be left enabled however. It makes admin super fun! :)
>
>
> On 16 May 2017 at 21:57, Robert L. Harris 
> wrote:
>
>>
>> I did disable selinux as it gave errors setting up my standard users,
>> etc.  I can roll back the snapshot, set it at 4Gigs of RAM and re-enable
>> selinux and then try again.
>>
>>
>> On Tue, May 16, 2017 at 1:52 PM Andrew Holway 
>> wrote:
>>
>>> This is pretty weird. FreeIPA installation normally works.
>>>
>>> Has the operating system image been changed or optimised somehow?
>>> Perhaps SELinux has been disabled? Have you tried installing Centos7 from
>>> the ISO?
>>>
>>> On 16 May 2017 at 21:48, Robert L. Harris 
>>> wrote:
>>>

2 Gigs, it's a VM.  The VM didn't report any memory issues ( no
 alarms on VMWare )


 On Tue, May 16, 2017 at 12:29 PM Andrew Holway 
 wrote:

> Hallo,
>
> How much memory do you have on the machine. I have a sneaking
> suspicion that you're running out.
>
> Ta,
>
> Andrew
>
> On 16 May 2017 at 17:16, Robert L. Harris 
> wrote:
>
>>
>> Last night I rolled back my snapshot.  Here's what I have after the
>> yum install
>>
>> "minimal" install of Centos7 + basic build.
>> {0}:/var/log>cat /etc/*elease
>> CentOS Linux release 7.3.1611 (Core)
>> NAME="CentOS Linux"
>> VERSION="7 (Core)"
>> ID="centos"
>> ID_LIKE="rhel fedora"
>> VERSION_ID="7"
>> PRETTY_NAME="CentOS Linux 7 (Core)"
>> ANSI_COLOR="0;31"
>> CPE_NAME="cpe:/o:centos:centos:7"
>> HOME_URL="https://www.centos.org/"
>> BUG_REPORT_URL="https://bugs.centos.org/"
>>
>> CENTOS_MANTISBT_PROJECT="CentOS-7"
>> CENTOS_MANTISBT_PROJECT_VERSION="7"
>> REDHAT_SUPPORT_PRODUCT="centos"
>> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>>
>> CentOS Linux release 7.3.1611 (Core)
>> CentOS Linux release 7.3.1611 (Core)
>>
>>
>> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
>> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
>> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
>> ipa-common-4.4.0-14.el7.centos.7.noarch
>> perl-HTTP-Tiny-0.033-3.el7.noarch
>> python-iniparse-0.4-9.el7.noarch
>> ipa-client-common-4.4.0-14.el7.centos.7.noarch
>> pam_krb5-2.4.8-6.el7.x86_64
>> sssd-krb5-1.14.0-43.el7_3.14.x86_64
>> python-ipaddress-1.0.16-2.el7.noarch
>> python2-ipalib-4.4.0-14.el7.centos.7.noarch
>> krb5-libs-1.14.1-27.el7_3.x86_64
>> libipa_hbac-1.14.0-43.el7_3.14.x86_64
>> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
>> sssd-ipa-1.14.0-43.el7_3.14.x86_64
>> krb5-workstation-1.14.1-27.el7_3.x86_64
>> ipa-client-4.4.0-14.el7.centos.7.x86_64
>>
>> Tried to pull an exact client.  The "yum install ipa-server" went
>> fine:
>>
>> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
>> ipa-server-4.4.0-14.el7.centos.7.x86_64
>> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>>
>>
>> "ipa-server-install" ran clean but has been stuck for 2 days:
>>
>> Restarting the directory server
>> Restarting the KDC
>> Please add records in this file to your DNS system:
>> /tmp/ipa.system.records.qLsLyx.db
>> Restarting the web server
>> Configuring client side components
>> Using existing certificate '/etc/ipa/ca.crt'.
>> Client hostname: ipa.rdlg.net
>> Realm: RDLG.NET
>> DNS Domain: rdlg.net
>> IPA Server: ipa.rdlg.net
>> BaseDN: dc=rdlg,dc=net
>>
>> Skipping synchronizing time with NTP server.
>> New SSSD config will be created
>> Configured sudoers in /etc/nsswitch.conf
>> Configured /etc/sssd/sssd.conf
>> trying https://ipa.rdlg.net/ipa/json
>> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>>
>> Checking the /var/log/httpd/error.log has 2 days of just this:
>>
>> [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
>> failed. Certificate database: /etc/httpd/alias.
>> [Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library
>> Error: -8038 SEC_ERROR_NOT_INITIALIZED
>> [Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS
>> database exist?
>>
>>
>> Robert
>>
>> On Fri, May 12, 2017 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Andrew Holway
Yea, I would try installing IPA then making the changes that you want. I
think SELinux should be left enabled however. It makes admin super fun! :)

On 16 May 2017 at 21:57, Robert L. Harris  wrote:

>
> I did disable selinux as it gave errors setting up my standard users,
> etc.  I can roll back the snapshot, set it at 4Gigs of RAM and re-enable
> selinux and then try again.
>
>
> On Tue, May 16, 2017 at 1:52 PM Andrew Holway 
> wrote:
>
>> This is pretty weird. FreeIPA installation normally works.
>>
>> Has the operating system image been changed or optimised somehow? Perhaps
>> SELinux has been disabled? Have you tried installing Centos7 from the ISO?
>>
>> On 16 May 2017 at 21:48, Robert L. Harris 
>> wrote:
>>
>>>
>>>2 Gigs, it's a VM.  The VM didn't report any memory issues ( no
>>> alarms on VMWare )
>>>
>>>
>>> On Tue, May 16, 2017 at 12:29 PM Andrew Holway 
>>> wrote:
>>>
 Hallo,

 How much memory do you have on the machine. I have a sneaking suspicion
 that you're running out.

 Ta,

 Andrew

 On 16 May 2017 at 17:16, Robert L. Harris 
 wrote:

>
> Last night I rolled back my snapshot.  Here's what I have after the
> yum install
>
> "minimal" install of Centos7 + basic build.
> {0}:/var/log>cat /etc/*elease
> CentOS Linux release 7.3.1611 (Core)
> NAME="CentOS Linux"
> VERSION="7 (Core)"
> ID="centos"
> ID_LIKE="rhel fedora"
> VERSION_ID="7"
> PRETTY_NAME="CentOS Linux 7 (Core)"
> ANSI_COLOR="0;31"
> CPE_NAME="cpe:/o:centos:centos:7"
> HOME_URL="https://www.centos.org/"
> BUG_REPORT_URL="https://bugs.centos.org/"
>
> CENTOS_MANTISBT_PROJECT="CentOS-7"
> CENTOS_MANTISBT_PROJECT_VERSION="7"
> REDHAT_SUPPORT_PRODUCT="centos"
> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>
> CentOS Linux release 7.3.1611 (Core)
> CentOS Linux release 7.3.1611 (Core)
>
>
> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
> ipa-common-4.4.0-14.el7.centos.7.noarch
> perl-HTTP-Tiny-0.033-3.el7.noarch
> python-iniparse-0.4-9.el7.noarch
> ipa-client-common-4.4.0-14.el7.centos.7.noarch
> pam_krb5-2.4.8-6.el7.x86_64
> sssd-krb5-1.14.0-43.el7_3.14.x86_64
> python-ipaddress-1.0.16-2.el7.noarch
> python2-ipalib-4.4.0-14.el7.centos.7.noarch
> krb5-libs-1.14.1-27.el7_3.x86_64
> libipa_hbac-1.14.0-43.el7_3.14.x86_64
> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
> sssd-ipa-1.14.0-43.el7_3.14.x86_64
> krb5-workstation-1.14.1-27.el7_3.x86_64
> ipa-client-4.4.0-14.el7.centos.7.x86_64
>
> Tried to pull an exact client.  The "yum install ipa-server" went fine:
>
> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
> ipa-server-4.4.0-14.el7.centos.7.x86_64
> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>
>
> "ipa-server-install" ran clean but has been stuck for 2 days:
>
> Restarting the directory server
> Restarting the KDC
> Please add records in this file to your DNS system:
> /tmp/ipa.system.records.qLsLyx.db
> Restarting the web server
> Configuring client side components
> Using existing certificate '/etc/ipa/ca.crt'.
> Client hostname: ipa.rdlg.net
> Realm: RDLG.NET
> DNS Domain: rdlg.net
> IPA Server: ipa.rdlg.net
> BaseDN: dc=rdlg,dc=net
>
> Skipping synchronizing time with NTP server.
> New SSSD config will be created
> Configured sudoers in /etc/nsswitch.conf
> Configured /etc/sssd/sssd.conf
> trying https://ipa.rdlg.net/ipa/json
> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>
> Checking the /var/log/httpd/error.log has 2 days of just this:
>
> [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
> failed. Certificate database: /etc/httpd/alias.
> [Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library
> Error: -8038 SEC_ERROR_NOT_INITIALIZED
> [Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS
> database exist?
>
>
> Robert
>
> On Fri, May 12, 2017 at 11:14 AM Rob Crittenden 
> wrote:
>
>> Robert L. Harris wrote:
>> >
>> > Hmmm
>> >
>> > {0}:/var/log>ls
>> > anaconda  btmp  dmesg      grubby              maillog   ppp    secure   tallylog          wtmp
>> > audit     cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler  tuned             yum.log
>> > boot.log  cups  firewalld  lastlog             ntpstats  samba  sssd     vmware-vmsvc.log
>> >
>> >
>> > root@ipa
>> > {1}:/var/log>rpm -q -l http
>> > package http is not 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Robert L. Harris
I did disable selinux as it gave errors setting up my standard users, etc.
I can roll back the snapshot, set it at 4Gigs of RAM and re-enable selinux
and then try again.


On Tue, May 16, 2017 at 1:52 PM Andrew Holway 
wrote:

> This is pretty weird. FreeIPA installation normally works.
>
> Has the operating system image been changed or optimised somehow? Perhaps
> SELinux has been disabled? Have you tried installing Centos7 from the ISO?
>
> On 16 May 2017 at 21:48, Robert L. Harris 
> wrote:
>
>>
>>2 Gigs, it's a VM.  The VM didn't report any memory issues ( no alarms
>> on VMWare )
>>
>>
>> On Tue, May 16, 2017 at 12:29 PM Andrew Holway 
>> wrote:
>>
>>> Hallo,
>>>
>>> How much memory do you have on the machine. I have a sneaking suspicion
>>> that you're running out.
>>>
>>> Ta,
>>>
>>> Andrew
>>>
>>> On 16 May 2017 at 17:16, Robert L. Harris 
>>> wrote:
>>>

 Last night I rolled back my snapshot.  Here's what I have after the yum
 install

 "minimal" install of Centos7 + basic build.
 {0}:/var/log>cat /etc/*elease
 CentOS Linux release 7.3.1611 (Core)
 NAME="CentOS Linux"
 VERSION="7 (Core)"
 ID="centos"
 ID_LIKE="rhel fedora"
 VERSION_ID="7"
 PRETTY_NAME="CentOS Linux 7 (Core)"
 ANSI_COLOR="0;31"
 CPE_NAME="cpe:/o:centos:centos:7"
 HOME_URL="https://www.centos.org/"
 BUG_REPORT_URL="https://bugs.centos.org/"

 CENTOS_MANTISBT_PROJECT="CentOS-7"
 CENTOS_MANTISBT_PROJECT_VERSION="7"
 REDHAT_SUPPORT_PRODUCT="centos"
 REDHAT_SUPPORT_PRODUCT_VERSION="7"

 CentOS Linux release 7.3.1611 (Core)
 CentOS Linux release 7.3.1611 (Core)


 {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
 sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
 python2-ipaclient-4.4.0-14.el7.centos.7.noarch
 ipa-common-4.4.0-14.el7.centos.7.noarch
 perl-HTTP-Tiny-0.033-3.el7.noarch
 python-iniparse-0.4-9.el7.noarch
 ipa-client-common-4.4.0-14.el7.centos.7.noarch
 pam_krb5-2.4.8-6.el7.x86_64
 sssd-krb5-1.14.0-43.el7_3.14.x86_64
 python-ipaddress-1.0.16-2.el7.noarch
 python2-ipalib-4.4.0-14.el7.centos.7.noarch
 krb5-libs-1.14.1-27.el7_3.x86_64
 libipa_hbac-1.14.0-43.el7_3.14.x86_64
 python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
 sssd-ipa-1.14.0-43.el7_3.14.x86_64
 krb5-workstation-1.14.1-27.el7_3.x86_64
 ipa-client-4.4.0-14.el7.centos.7.x86_64

 Tried to pull an exact client.  The "yum install ipa-server" went fine:

 {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
 ipa-server-4.4.0-14.el7.centos.7.x86_64
 ipa-server-common-4.4.0-14.el7.centos.7.noarch


 "ipa-server-install" ran clean but has been stuck for 2 days:

 Restarting the directory server
 Restarting the KDC
 Please add records in this file to your DNS system:
 /tmp/ipa.system.records.qLsLyx.db
 Restarting the web server
 Configuring client side components
 Using existing certificate '/etc/ipa/ca.crt'.
 Client hostname: ipa.rdlg.net
 Realm: RDLG.NET
 DNS Domain: rdlg.net
 IPA Server: ipa.rdlg.net
 BaseDN: dc=rdlg,dc=net

 Skipping synchronizing time with NTP server.
 New SSSD config will be created
 Configured sudoers in /etc/nsswitch.conf
 Configured /etc/sssd/sssd.conf
 trying https://ipa.rdlg.net/ipa/json
 Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'

 Checking the /var/log/httpd/error.log has 2 days of just this:

 [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
 failed. Certificate database: /etc/httpd/alias.
 [Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library
 Error: -8038 SEC_ERROR_NOT_INITIALIZED
 [Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS
 database exist?


 Robert

 On Fri, May 12, 2017 at 11:14 AM Rob Crittenden 
 wrote:

> Robert L. Harris wrote:
> >
> > Hmmm
> >
> > {0}:/var/log>ls
> > anaconda  btmp  dmesg      grubby              maillog   ppp    secure   tallylog          wtmp
> > audit     cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler  tuned             yum.log
> > boot.log  cups  firewalld  lastlog             ntpstats  samba  sssd     vmware-vmsvc.log
> >
> >
> > root@ipa
> > {1}:/var/log>rpm -q -l http
> > package http is not installed
> >
> > root@ipa
> > {1}:/var/log>rpm -q -a | grep -i http
> > perl-HTTP-Tiny-0.033-3.el7.noarch
> >
> > root@ipa
> > {0}:/var/log>rpm -q -a | grep -i tomcat
> >
> >
> > Doesn't look like an httpd was installed as a dependency?
>
> I find this very hard to believe given that it got so far as to
> configure
> things in 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Andrew Holway
This is pretty weird. FreeIPA installation normally works.

Has the operating system image been changed or optimised somehow? Perhaps
SELinux has been disabled? Have you tried installing Centos7 from the ISO?

On 16 May 2017 at 21:48, Robert L. Harris  wrote:

>
>2 Gigs, it's a VM.  The VM didn't report any memory issues ( no alarms
> on VMWare )
>
>
> On Tue, May 16, 2017 at 12:29 PM Andrew Holway 
> wrote:
>
>> Hallo,
>>
>> How much memory do you have on the machine. I have a sneaking suspicion
>> that you're running out.
>>
>> Ta,
>>
>> Andrew
>>
>> On 16 May 2017 at 17:16, Robert L. Harris 
>> wrote:
>>
>>>
>>> Last night I rolled back my snapshot.  Here's what I have after the yum
>>> install
>>>
>>> "minimal" install of Centos7 + basic build.
>>> {0}:/var/log>cat /etc/*elease
>>> CentOS Linux release 7.3.1611 (Core)
>>> NAME="CentOS Linux"
>>> VERSION="7 (Core)"
>>> ID="centos"
>>> ID_LIKE="rhel fedora"
>>> VERSION_ID="7"
>>> PRETTY_NAME="CentOS Linux 7 (Core)"
>>> ANSI_COLOR="0;31"
>>> CPE_NAME="cpe:/o:centos:centos:7"
>>> HOME_URL="https://www.centos.org/"
>>> BUG_REPORT_URL="https://bugs.centos.org/"
>>>
>>> CENTOS_MANTISBT_PROJECT="CentOS-7"
>>> CENTOS_MANTISBT_PROJECT_VERSION="7"
>>> REDHAT_SUPPORT_PRODUCT="centos"
>>> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>>>
>>> CentOS Linux release 7.3.1611 (Core)
>>> CentOS Linux release 7.3.1611 (Core)
>>>
>>>
>>> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
>>> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
>>> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
>>> ipa-common-4.4.0-14.el7.centos.7.noarch
>>> perl-HTTP-Tiny-0.033-3.el7.noarch
>>> python-iniparse-0.4-9.el7.noarch
>>> ipa-client-common-4.4.0-14.el7.centos.7.noarch
>>> pam_krb5-2.4.8-6.el7.x86_64
>>> sssd-krb5-1.14.0-43.el7_3.14.x86_64
>>> python-ipaddress-1.0.16-2.el7.noarch
>>> python2-ipalib-4.4.0-14.el7.centos.7.noarch
>>> krb5-libs-1.14.1-27.el7_3.x86_64
>>> libipa_hbac-1.14.0-43.el7_3.14.x86_64
>>> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
>>> sssd-ipa-1.14.0-43.el7_3.14.x86_64
>>> krb5-workstation-1.14.1-27.el7_3.x86_64
>>> ipa-client-4.4.0-14.el7.centos.7.x86_64
>>>
>>> Tried to pull an exact client.  The "yum install ipa-server" went fine:
>>>
>>> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
>>> ipa-server-4.4.0-14.el7.centos.7.x86_64
>>> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>>>
>>>
>>> "ipa-server-install" ran clean but has been stuck for 2 days:
>>>
>>> Restarting the directory server
>>> Restarting the KDC
>>> Please add records in this file to your DNS system:
>>> /tmp/ipa.system.records.qLsLyx.db
>>> Restarting the web server
>>> Configuring client side components
>>> Using existing certificate '/etc/ipa/ca.crt'.
>>> Client hostname: ipa.rdlg.net
>>> Realm: RDLG.NET
>>> DNS Domain: rdlg.net
>>> IPA Server: ipa.rdlg.net
>>> BaseDN: dc=rdlg,dc=net
>>>
>>> Skipping synchronizing time with NTP server.
>>> New SSSD config will be created
>>> Configured sudoers in /etc/nsswitch.conf
>>> Configured /etc/sssd/sssd.conf
>>> trying https://ipa.rdlg.net/ipa/json
>>> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>>>
>>> Checking the /var/log/httpd/error.log has 2 days of just this:
>>>
>>> [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
>>> failed. Certificate database: /etc/httpd/alias.
>>> [Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library Error:
>>> -8038 SEC_ERROR_NOT_INITIALIZED
>>> [Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS
>>> database exist?
>>>
>>>
>>> Robert
>>>
>>> On Fri, May 12, 2017 at 11:14 AM Rob Crittenden 
>>> wrote:
>>>
>>>> Robert L. Harris wrote:
>>>> >
>>>> > Hmmm
>>>> >
>>>> > {0}:/var/log>ls
>>>> > anaconda  btmp  dmesg  grubby  maillog   pppsecure
>>>> > tallylog  wtmp
>>>> > audit cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler
>>>> >  tuned yum.log
>>>> > boot.log  cups  firewalld  lastlog ntpstats  samba  sssd
>>>> > vmware-vmsvc.log
>>>> >
>>>> >
>>>> > root@ipa
>>>> > {1}:/var/log>rpm -q -l http
>>>> > package http is not installed
>>>> >
>>>> > root@ipa
>>>> > {1}:/var/log>rpm -q -a | grep -i http
>>>> > perl-HTTP-Tiny-0.033-3.el7.noarch
>>>> >
>>>> > root@ipa
>>>> > {0}:/var/log>rpm -q -a | grep -i tomcat
>>>> >
>>>> >
>>>> > Doesn't look like an httpd was installed as a dependency?
>>>>
>>>> I find this very hard to believe given that it got so far as to configure
>>>> things in Apache, restart it, etc. What version of [free]ipa-server is
>>>> installed? How did you install it and from what repo?
>>>>
>>>> rob
>>>>
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > On Fri, May 12, 2017 at 1:17 AM Martin Bašti wrote:
>>>> >
>>>> > That's weird, it should be super fast, anything in
>>>> > /var/log/httpd/error_log?
>>>> >
>>>> >
 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Robert L. Harris
   2 Gigs, it's a VM.  The VM didn't report any memory issues ( no alarms
on VMWare )


On Tue, May 16, 2017 at 12:29 PM Andrew Holway 
wrote:

> Hallo,
>
> How much memory do you have on the machine. I have a sneaking suspicion
> that you're running out.
>
> Ta,
>
> Andrew
>
> On 16 May 2017 at 17:16, Robert L. Harris 
> wrote:
>
>>
>> Last night I rolled back my snapshot.  Here's what I have after the yum
>> install
>>
>> "minimal" install of Centos7 + basic build.
>> {0}:/var/log>cat /etc/*elease
>> CentOS Linux release 7.3.1611 (Core)
>> NAME="CentOS Linux"
>> VERSION="7 (Core)"
>> ID="centos"
>> ID_LIKE="rhel fedora"
>> VERSION_ID="7"
>> PRETTY_NAME="CentOS Linux 7 (Core)"
>> ANSI_COLOR="0;31"
>> CPE_NAME="cpe:/o:centos:centos:7"
>> HOME_URL="https://www.centos.org/"
>> BUG_REPORT_URL="https://bugs.centos.org/"
>>
>> CENTOS_MANTISBT_PROJECT="CentOS-7"
>> CENTOS_MANTISBT_PROJECT_VERSION="7"
>> REDHAT_SUPPORT_PRODUCT="centos"
>> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>>
>> CentOS Linux release 7.3.1611 (Core)
>> CentOS Linux release 7.3.1611 (Core)
>>
>>
>> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
>> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
>> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
>> ipa-common-4.4.0-14.el7.centos.7.noarch
>> perl-HTTP-Tiny-0.033-3.el7.noarch
>> python-iniparse-0.4-9.el7.noarch
>> ipa-client-common-4.4.0-14.el7.centos.7.noarch
>> pam_krb5-2.4.8-6.el7.x86_64
>> sssd-krb5-1.14.0-43.el7_3.14.x86_64
>> python-ipaddress-1.0.16-2.el7.noarch
>> python2-ipalib-4.4.0-14.el7.centos.7.noarch
>> krb5-libs-1.14.1-27.el7_3.x86_64
>> libipa_hbac-1.14.0-43.el7_3.14.x86_64
>> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
>> sssd-ipa-1.14.0-43.el7_3.14.x86_64
>> krb5-workstation-1.14.1-27.el7_3.x86_64
>> ipa-client-4.4.0-14.el7.centos.7.x86_64
>>
>> Tried to pull an exact client.  The "yum install ipa-server" went fine:
>>
>> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
>> ipa-server-4.4.0-14.el7.centos.7.x86_64
>> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>>
>>
>> "ipa-server-install" ran clean but has been stuck for 2 days:
>>
>> Restarting the directory server
>> Restarting the KDC
>> Please add records in this file to your DNS system:
>> /tmp/ipa.system.records.qLsLyx.db
>> Restarting the web server
>> Configuring client side components
>> Using existing certificate '/etc/ipa/ca.crt'.
>> Client hostname: ipa.rdlg.net
>> Realm: RDLG.NET
>> DNS Domain: rdlg.net
>> IPA Server: ipa.rdlg.net
>> BaseDN: dc=rdlg,dc=net
>>
>> Skipping synchronizing time with NTP server.
>> New SSSD config will be created
>> Configured sudoers in /etc/nsswitch.conf
>> Configured /etc/sssd/sssd.conf
>> trying https://ipa.rdlg.net/ipa/json
>> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>>
>> Checking the /var/log/httpd/error.log has 2 days of just this:
>>
>> [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
>> failed. Certificate database: /etc/httpd/alias.
>> [Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library Error:
>> -8038 SEC_ERROR_NOT_INITIALIZED
>> [Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS
>> database exist?
>>
>>
>> Robert
>>
>> On Fri, May 12, 2017 at 11:14 AM Rob Crittenden 
>> wrote:
>>
>>> Robert L. Harris wrote:
>>> >
>>> > Hmmm
>>> >
>>> > {0}:/var/log>ls
>>> > anaconda  btmp  dmesg  grubby  maillog   pppsecure
>>> > tallylog  wtmp
>>> > audit cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler
>>> >  tuned yum.log
>>> > boot.log  cups  firewalld  lastlog ntpstats  samba  sssd
>>> > vmware-vmsvc.log
>>> >
>>> >
>>> > root@ipa
>>> > {1}:/var/log>rpm -q -l http
>>> > package http is not installed
>>> >
>>> > root@ipa
>>> > {1}:/var/log>rpm -q -a | grep -i http
>>> > perl-HTTP-Tiny-0.033-3.el7.noarch
>>> >
>>> > root@ipa
>>> > {0}:/var/log>rpm -q -a | grep -i tomcat
>>> >
>>> >
>>> > Doesn't look like an httpd was installed as a dependency?
>>>
>>> I find this very hard to believe given that it got so far as to configure
>>> things in Apache, restart it, etc. What version of [free]ipa-server is
>>> installed? How did you install it and from what repo?
>>>
>>> rob
>>>
>>> >
>>> >
>>> >
>>> >
>>> >
>>> > On Fri, May 12, 2017 at 1:17 AM Martin Bašti wrote:
>>> >
>>> > That's weird, it should be super fast, anything in
>>> > /var/log/httpd/error_log?
>>> >
>>> >
>>> > On 11.05.2017 22:23, Robert L. Harris wrote:
>>> >>
>>> >> Odd, must have clicked reply instead of reply-all.
>>> >>
>>> >> Anyway, I did the revert and re-install.  Actual install went
>>> >> through fine then the "ipa-server-install" ran until this:
>>> >>
>>> >>   [8/9]: restoring configuration
>>> >>   [9/9]: starting directory server
>>> >> Done.
>>> >> Restarting the directory server
>>> >> Restarting the 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Andrew Holway
Hallo,

How much memory do you have on the machine. I have a sneaking suspicion
that you're running out.

Ta,

Andrew

On 16 May 2017 at 17:16, Robert L. Harris  wrote:

>
> Last night I rolled back my snapshot.  Here's what I have after the yum
> install
>
> "minimal" install of Centos7 + basic build.
> {0}:/var/log>cat /etc/*elease
> CentOS Linux release 7.3.1611 (Core)
> NAME="CentOS Linux"
> VERSION="7 (Core)"
> ID="centos"
> ID_LIKE="rhel fedora"
> VERSION_ID="7"
> PRETTY_NAME="CentOS Linux 7 (Core)"
> ANSI_COLOR="0;31"
> CPE_NAME="cpe:/o:centos:centos:7"
> HOME_URL="https://www.centos.org/"
> BUG_REPORT_URL="https://bugs.centos.org/"
>
> CENTOS_MANTISBT_PROJECT="CentOS-7"
> CENTOS_MANTISBT_PROJECT_VERSION="7"
> REDHAT_SUPPORT_PRODUCT="centos"
> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>
> CentOS Linux release 7.3.1611 (Core)
> CentOS Linux release 7.3.1611 (Core)
>
>
> {0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
> sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
> python2-ipaclient-4.4.0-14.el7.centos.7.noarch
> ipa-common-4.4.0-14.el7.centos.7.noarch
> perl-HTTP-Tiny-0.033-3.el7.noarch
> python-iniparse-0.4-9.el7.noarch
> ipa-client-common-4.4.0-14.el7.centos.7.noarch
> pam_krb5-2.4.8-6.el7.x86_64
> sssd-krb5-1.14.0-43.el7_3.14.x86_64
> python-ipaddress-1.0.16-2.el7.noarch
> python2-ipalib-4.4.0-14.el7.centos.7.noarch
> krb5-libs-1.14.1-27.el7_3.x86_64
> libipa_hbac-1.14.0-43.el7_3.14.x86_64
> python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
> sssd-ipa-1.14.0-43.el7_3.14.x86_64
> krb5-workstation-1.14.1-27.el7_3.x86_64
> ipa-client-4.4.0-14.el7.centos.7.x86_64
>
> Tried to pull an exact client.  The "yum install ipa-server" went fine:
>
> {0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
> ipa-server-4.4.0-14.el7.centos.7.x86_64
> ipa-server-common-4.4.0-14.el7.centos.7.noarch
>
>
> "ipa-server-install" ran clean but has been stuck for 2 days:
>
> Restarting the directory server
> Restarting the KDC
> Please add records in this file to your DNS system:
> /tmp/ipa.system.records.qLsLyx.db
> Restarting the web server
> Configuring client side components
> Using existing certificate '/etc/ipa/ca.crt'.
> Client hostname: ipa.rdlg.net
> Realm: RDLG.NET
> DNS Domain: rdlg.net
> IPA Server: ipa.rdlg.net
> BaseDN: dc=rdlg,dc=net
>
> Skipping synchronizing time with NTP server.
> New SSSD config will be created
> Configured sudoers in /etc/nsswitch.conf
> Configured /etc/sssd/sssd.conf
> trying https://ipa.rdlg.net/ipa/json
> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>
> Checking the /var/log/httpd/error.log has 2 days of just this:
>
> [Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
> failed. Certificate database: /etc/httpd/alias.
> [Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library Error:
> -8038 SEC_ERROR_NOT_INITIALIZED
> [Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS
> database exist?
>
>
> Robert
>
> On Fri, May 12, 2017 at 11:14 AM Rob Crittenden 
> wrote:
>
>> Robert L. Harris wrote:
>> >
>> > Hmmm
>> >
>> > {0}:/var/log>ls
>> > anaconda  btmp  dmesg  grubby  maillog   pppsecure
>> > tallylog  wtmp
>> > audit cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler
>> >  tuned yum.log
>> > boot.log  cups  firewalld  lastlog ntpstats  samba  sssd
>> > vmware-vmsvc.log
>> >
>> >
>> > root@ipa
>> > {1}:/var/log>rpm -q -l http
>> > package http is not installed
>> >
>> > root@ipa
>> > {1}:/var/log>rpm -q -a | grep -i http
>> > perl-HTTP-Tiny-0.033-3.el7.noarch
>> >
>> > root@ipa
>> > {0}:/var/log>rpm -q -a | grep -i tomcat
>> >
>> >
>> > Doesn't look like an httpd was installed as a dependency?
>>
>> I find this very hard to believe given that it got so far as to configure
>> things in Apache, restart it, etc. What version of [free]ipa-server is
>> installed? How did you install it and from what repo?
>>
>> rob
>>
>> >
>> >
>> >
>> >
>> >
>> > On Fri, May 12, 2017 at 1:17 AM Martin Bašti wrote:
>> >
>> > That's weird, it should be super fast, anything in
>> > /var/log/httpd/error_log?
>> >
>> >
>> > On 11.05.2017 22:23, Robert L. Harris wrote:
>> >>
>> >> Odd, must have clicked reply instead of reply-all.
>> >>
>> >> Anyway, I did the revert and re-install.  Actual install went
>> >> through fine then the "ipa-server-install" ran until this:
>> >>
>> >>   [8/9]: restoring configuration
>> >>   [9/9]: starting directory server
>> >> Done.
>> >> Restarting the directory server
>> >> Restarting the KDC
>> >> Please add records in this file to your DNS system:
>> >> /tmp/ipa.system.records.v5Jwrt.db
>> >> Restarting the web server
>> >> Configuring client side components
>> >> Using existing certificate '/etc/ipa/ca.crt'.
>> >> Client hostname: ipa.rdlg.net 
>> >> Realm: 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-16 Thread Robert L. Harris
Last night I rolled back my snapshot.  Here's what I have after the yum
install

"minimal" install of Centos7 + basic build.
{0}:/var/log>cat /etc/*elease
CentOS Linux release 7.3.1611 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.3.1611 (Core)
CentOS Linux release 7.3.1611 (Core)


{0}:/var/log>rpm -q -a | egrep -i 'http|apach|tomc|ipa|krb'
sssd-krb5-common-1.14.0-43.el7_3.14.x86_64
python2-ipaclient-4.4.0-14.el7.centos.7.noarch
ipa-common-4.4.0-14.el7.centos.7.noarch
perl-HTTP-Tiny-0.033-3.el7.noarch
python-iniparse-0.4-9.el7.noarch
ipa-client-common-4.4.0-14.el7.centos.7.noarch
pam_krb5-2.4.8-6.el7.x86_64
sssd-krb5-1.14.0-43.el7_3.14.x86_64
python-ipaddress-1.0.16-2.el7.noarch
python2-ipalib-4.4.0-14.el7.centos.7.noarch
krb5-libs-1.14.1-27.el7_3.x86_64
libipa_hbac-1.14.0-43.el7_3.14.x86_64
python-libipa_hbac-1.14.0-43.el7_3.14.x86_64
sssd-ipa-1.14.0-43.el7_3.14.x86_64
krb5-workstation-1.14.1-27.el7_3.x86_64
ipa-client-4.4.0-14.el7.centos.7.x86_64

Tried to pull an exact client.  The "yum install ipa-server" went fine:

{0}:/var/log/httpd>rpm -a -q | grep -i ipa-server
ipa-server-4.4.0-14.el7.centos.7.x86_64
ipa-server-common-4.4.0-14.el7.centos.7.noarch


"ipa-server-install" ran clean but has been stuck for 2 days:

Restarting the directory server
Restarting the KDC
Please add records in this file to your DNS system:
/tmp/ipa.system.records.qLsLyx.db
Restarting the web server
Configuring client side components
Using existing certificate '/etc/ipa/ca.crt'.
Client hostname: ipa.rdlg.net
Realm: RDLG.NET
DNS Domain: rdlg.net
IPA Server: ipa.rdlg.net
BaseDN: dc=rdlg,dc=net

Skipping synchronizing time with NTP server.
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
trying https://ipa.rdlg.net/ipa/json
Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'

Checking the /var/log/httpd/error.log has 2 days of just this:

[Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize
failed. Certificate database: /etc/httpd/alias.
[Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library Error:
-8038 SEC_ERROR_NOT_INITIALIZED
[Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS database
exist?


Robert

On Fri, May 12, 2017 at 11:14 AM Rob Crittenden  wrote:

> Robert L. Harris wrote:
> >
> > Hmmm
> >
> > {0}:/var/log>ls
> > anaconda  btmp  dmesg  grubby  maillog   pppsecure
> > tallylog  wtmp
> > audit cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler
> >  tuned yum.log
> > boot.log  cups  firewalld  lastlog ntpstats  samba  sssd
> > vmware-vmsvc.log
> >
> >
> > root@ipa
> > {1}:/var/log>rpm -q -l http
> > package http is not installed
> >
> > root@ipa
> > {1}:/var/log>rpm -q -a | grep -i http
> > perl-HTTP-Tiny-0.033-3.el7.noarch
> >
> > root@ipa
> > {0}:/var/log>rpm -q -a | grep -i tomcat
> >
> >
> > Doesn't look like an httpd was installed as a dependency?
>
> I find this very hard to believe given that it got so far as to configure
> things in Apache, restart it, etc. What version of [free]ipa-server is
> installed? How did you install it and from what repo?
>
> rob
>
> >
> >
> >
> >
> >
> > On Fri, May 12, 2017 at 1:17 AM Martin Bašti wrote:
> >
> > That's weird, it should be super fast, anything in
> > /var/log/httpd/error_log?
> >
> >
> > On 11.05.2017 22:23, Robert L. Harris wrote:
> >>
> >> Odd, must have clicked reply instead of reply-all.
> >>
> >> Anyway, I did the revert and re-install.  Actual install went
> >> through fine then the "ipa-server-install" ran until this:
> >>
> >>   [8/9]: restoring configuration
> >>   [9/9]: starting directory server
> >> Done.
> >> Restarting the directory server
> >> Restarting the KDC
> >> Please add records in this file to your DNS system:
> >> /tmp/ipa.system.records.v5Jwrt.db
> >> Restarting the web server
> >> Configuring client side components
> >> Using existing certificate '/etc/ipa/ca.crt'.
> >> Client hostname: ipa.rdlg.net 
> >> Realm: RDLG.NET 
> >> DNS Domain: rdlg.net 
> >> IPA Server: ipa.rdlg.net 
> >> BaseDN: dc=rdlg,dc=net
> >>
> >> Skipping synchronizing time with NTP server.
> >> New SSSD config will be created
> >> Configured sudoers in /etc/nsswitch.conf
> >> Configured /etc/sssd/sssd.conf
> >> trying https://ipa.rdlg.net/ipa/json
> >> Forwarding 'schema' 
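
The two httpd failures quoted in this thread (`AH00544: httpd: bad group name apache` in the journal and `NSS_Initialize failed` in the error log) can be triaged with a short script. This is an added example, not part of any poster's message or of FreeIPA's tooling; the function names are hypothetical, and it assumes the NSS database uses the standard file names (cert8.db/key3.db or cert9.db/key4.db) and that only the local group file needs checking.

```shell
#!/bin/sh
# Added example, not from the thread: triage helper for the two httpd
# failures quoted in the messages. All function names are hypothetical.

# Constructed sample: log lines from the thread, re-joined where the
# mail client wrapped them.
SAMPLE_LOG='May 10 20:36:00 ipa.rdlg.net httpd[28809]: AH00544: httpd: bad group name apache
[Tue May 16 09:14:42.941476 2017] [:error] [pid 1182] NSS_Initialize failed. Certificate database: /etc/httpd/alias.
[Tue May 16 09:14:42.941499 2017] [:error] [pid 1182] SSL Library Error: -8038 SEC_ERROR_NOT_INITIALIZED
[Tue May 16 09:14:42.941501 2017] [:error] [pid 1182] Does the NSS database exist?'

# Read journal/error_log lines on stdin and print one line per distinct
# failure: "bad_group <name>" or "nss_db <directory>".
classify_httpd_log() {
    sed -n '
        /AH00544: httpd: bad group name /{
            s/.*bad group name //
            s/[[:space:]]*$//
            s/^/bad_group /
            p
        }
        /NSS_Initialize failed\. Certificate database: /{
            s/.*Certificate database: //
            s/[[:space:]]*$//
            s/\.$//
            s/^/nss_db /
            p
        }
    ' | sort -u
}

# True if group $1 has an entry in the group file $2 (default /etc/group).
# Only local groups are checked; directory-backed groups are out of scope.
local_group_exists() {
    awk -F: -v g="$1" '$1 == g { found = 1 } END { exit !found }' "${2:-/etc/group}"
}

# Report what NSS would find in directory $1: "missing_dir", "no_database",
# "dbm" (cert8.db + key3.db) or "sql" (cert9.db + key4.db).
nss_db_state() {
    if [ ! -d "$1" ]; then echo missing_dir
    elif [ -f "$1/cert9.db" ] && [ -f "$1/key4.db" ]; then echo sql
    elif [ -f "$1/cert8.db" ] && [ -f "$1/key3.db" ]; then echo dbm
    else echo no_database
    fi
}

# Classify the log on stdin, then check the host for each finding.
# $1 is the group file to consult (default /etc/group).
triage() {
    triage_groups=${1:-/etc/group}
    classify_httpd_log | while read -r kind value; do
        case $kind in
            bad_group)
                if local_group_exists "$value" "$triage_groups"; then
                    echo "group $value: present"
                else
                    echo "group $value: missing"
                fi ;;
            nss_db)
                echo "nss database $value: $(nss_db_state "$value")" ;;
        esac
    done
}

# Run the triage against the constructed sample on the current host.
printf '%s\n' "$SAMPLE_LOG" | triage
```

On a live host, pipe the output of `journalctl -u httpd` and the httpd error log into `triage` instead of the sample.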

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-12 Thread Rob Crittenden
Robert L. Harris wrote:
> 
> Hmmm
> 
> {0}:/var/log>ls
> anaconda  btmp  dmesg  grubby  maillog   pppsecure  
> tallylog  wtmp
> audit cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler
>  tuned yum.log
> boot.log  cups  firewalld  lastlog ntpstats  samba  sssd
> vmware-vmsvc.log
> 
> 
> root@ipa
> {1}:/var/log>rpm -q -l http
> package http is not installed
> 
> root@ipa
> {1}:/var/log>rpm -q -a | grep -i http
> perl-HTTP-Tiny-0.033-3.el7.noarch
> 
> root@ipa
> {0}:/var/log>rpm -q -a | grep -i tomcat
> 
> 
> Doesn't look like an httpd was installed as a dependency?

I find this very hard to believe given that it got so far as to configure
things in Apache, restart it, etc. What version of [free]ipa-server is
installed? How did you install it and from what repo?

rob

> 
> 
> 
> 
> 
> On Fri, May 12, 2017 at 1:17 AM Martin Bašti wrote:
> 
> That's weird, it should be super fast, anything in
> /var/log/httpd/error_log?
> 
> 
> On 11.05.2017 22:23, Robert L. Harris wrote:
>>
>> Odd, must have clicked reply instead of reply-all.
>>
>> Anyway, I did the revert and re-install.  Actual install went
>> through fine then the "ipa-server-install" ran until this:
>>
>>   [8/9]: restoring configuration
>>   [9/9]: starting directory server
>> Done.
>> Restarting the directory server
>> Restarting the KDC
>> Please add records in this file to your DNS system:
>> /tmp/ipa.system.records.v5Jwrt.db
>> Restarting the web server
>> Configuring client side components
>> Using existing certificate '/etc/ipa/ca.crt'.
>> Client hostname: ipa.rdlg.net 
>> Realm: RDLG.NET 
>> DNS Domain: rdlg.net 
>> IPA Server: ipa.rdlg.net 
>> BaseDN: dc=rdlg,dc=net
>>
>> Skipping synchronizing time with NTP server.
>> New SSSD config will be created
>> Configured sudoers in /etc/nsswitch.conf
>> Configured /etc/sssd/sssd.conf
>> trying https://ipa.rdlg.net/ipa/json
>> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>>
>>
>> It's been sitting there for a while ( 4 hours? )  I don't see
>> anything in the ipaserver-install.log, but it's here:
>>  https://pastebin.com/biK1Dmv7
>>
>>
>>
>> On Thu, May 11, 2017 at 8:12 AM Martin Bašti wrote:
>>
>> Please keep freeipa-users in CC
>>
>> Snapshot is always better, so I suggest to use it. Otherwise
>> there is an option --ignore-last-of-role to unblock
>> uninstallation.
>>
>> Martin
>>
>>
>> On 11.05.2017 16:00, Robert L. Harris wrote:
>>>
>>> Looks like you hit it, apache didn't have a group:
>>>
>>> -- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu
>>> 2017-05-11 07:48:27 MDT. --
>>> May 10 20:36:00 ipa.rdlg.net 
>>> systemd[1]: Starting The Apache HTTP Server...
>>> May 10 20:36:00 ipa.rdlg.net 
>>> ipa-httpd-kdcproxy[28808]: ipa : INFO KDC proxy
>>> enabled
>>> May 10 20:36:00 ipa.rdlg.net 
>>> httpd[28809]: AH00544: httpd: bad group name apache
>>> May 10 20:36:00 ipa.rdlg.net 
>>> systemd[1]: httpd.service: main process exited, code=exited,
>>> status=1/FAILURE
>>> May 10 20:36:00 ipa.rdlg.net 
>>> kill[28812]: kill: cannot find process ""
>>> May 10 20:36:00 ipa.rdlg.net 
>>> systemd[1]: httpd.service: control process exited,
>>> code=exited status=1
>>> May 10 20:36:00 ipa.rdlg.net 
>>> systemd[1]: Failed to start The Apache HTTP Server.
>>> May 10 20:36:00 ipa.rdlg.net 
>>> systemd[1]: Unit httpd.service entered failed state.
>>> May 10 20:36:00 ipa.rdlg.net 
>>> systemd[1]: httpd.service failed.
>>>
>>> Thanks, didn't know that command.  I tried to continue the
>>> process:
>>>
>>> {0}:/root>ipa-server-install
>>>
>>> The log file for this installation can be found in
>>> /var/log/ipaserver-install.log
>>> ipa.ipapython.install.cli.install_tool(Server): ERROR IPA
>>> server is already configured on this system.
>>> If you want to reinstall the IPA server, please uninstall it
>>> first using 'ipa-server-install --uninstall'.
>>> ipa.ipapython.install.cli.install_tool(Server): ERROR The
>>> ipa-server-install command failed. See
>>> /var/log/ipaserver-install.log for more information
>>>
>>> root@ipa
>>> {1}:/root>ipa-server-install  --uninstall
>>>
>>>  

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-12 Thread Robert L. Harris
Hmmm

{0}:/var/log>ls
anaconda  btmp  dmesg  grubby  maillog   pppsecure
tallylog  wtmp
audit cron  dmesg.old  grubby_prune_debug  messages  rhsm   spooler
 tuned yum.log
boot.log  cups  firewalld  lastlog ntpstats  samba  sssd
vmware-vmsvc.log


root@ipa
{1}:/var/log>rpm -q -l http
package http is not installed

root@ipa
{1}:/var/log>rpm -q -a | grep -i http
perl-HTTP-Tiny-0.033-3.el7.noarch

root@ipa
{0}:/var/log>rpm -q -a | grep -i tomcat


Doesn't look like an httpd was installed as a dependency?





On Fri, May 12, 2017 at 1:17 AM Martin Bašti  wrote:

> That's weird, it should be super fast, anything in
> /var/log/httpd/error_log?
>
> On 11.05.2017 22:23, Robert L. Harris wrote:
>
>
> Odd, must have clicked reply instead of reply-all.
>
> Anyway, I did the revert and re-install.  Actual install went through fine
> then the "ipa-server-install" ran until this:
>
>   [8/9]: restoring configuration
>   [9/9]: starting directory server
> Done.
> Restarting the directory server
> Restarting the KDC
> Please add records in this file to your DNS system:
> /tmp/ipa.system.records.v5Jwrt.db
> Restarting the web server
> Configuring client side components
> Using existing certificate '/etc/ipa/ca.crt'.
> Client hostname: ipa.rdlg.net
> Realm: RDLG.NET
> DNS Domain: rdlg.net
> IPA Server: ipa.rdlg.net
> BaseDN: dc=rdlg,dc=net
>
> Skipping synchronizing time with NTP server.
> New SSSD config will be created
> Configured sudoers in /etc/nsswitch.conf
> Configured /etc/sssd/sssd.conf
> trying https://ipa.rdlg.net/ipa/json
> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>
>
> It's been sitting there for a while ( 4 hours? )  I don't see anything in
> the ipaserver-install.log, but it's here:  https://pastebin.com/biK1Dmv7
>
>
>
> On Thu, May 11, 2017 at 8:12 AM Martin Bašti  wrote:
>
>> Please keep freeipa-users in CC
>>
>> Snapshot is always better, so I suggest to use it. Otherwise there is an
>> option --ignore-last-of-role to unblock uninstallation.
>>
>> Martin
>>
>> On 11.05.2017 16:00, Robert L. Harris wrote:
>>
>>
>> Looks like you hit it, apache didn't have a group:
>>
>> -- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu 2017-05-11
>> 07:48:27 MDT. --
>> May 10 20:36:00 ipa.rdlg.net systemd[1]: Starting The Apache HTTP
>> Server...
>> May 10 20:36:00 ipa.rdlg.net ipa-httpd-kdcproxy[28808]: ipa :
>> INFO KDC proxy enabled
>> May 10 20:36:00 ipa.rdlg.net httpd[28809]: AH00544: httpd: bad group
>> name apache
>> May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: main process
>> exited, code=exited, status=1/FAILURE
>> May 10 20:36:00 ipa.rdlg.net kill[28812]: kill: cannot find process ""
>> May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: control process
>> exited, code=exited status=1
>> May 10 20:36:00 ipa.rdlg.net systemd[1]: Failed to start The Apache HTTP
>> Server.
>> May 10 20:36:00 ipa.rdlg.net systemd[1]: Unit httpd.service entered
>> failed state.
>> May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service failed.
>>
>> Thanks, didn't know that command.  I tried to continue the process:
>>
>> {0}:/root>ipa-server-install
>>
>> The log file for this installation can be found in
>> /var/log/ipaserver-install.log
>> ipa.ipapython.install.cli.install_tool(Server): ERROR IPA server is
>> already configured on this system.
>> If you want to reinstall the IPA server, please uninstall it first using
>> 'ipa-server-install --uninstall'.
>> ipa.ipapython.install.cli.install_tool(Server): ERROR The
>> ipa-server-install command failed. See /var/log/ipaserver-install.log for
>> more information
>>
>> root@ipa
>> {1}:/root>ipa-server-install  --uninstall
>>
>> This is a NON REVERSIBLE operation and will delete all data and
>> configuration!
>>
>> Are you sure you want to continue with the uninstall procedure? [no]: yes
>> ipa : ERROR Server removal aborted: Deleting this server is
>> not allowed as it would leave your installation without a CA..
>>
>>
>>
>> This is a VM and I took a snapshot right before I started the install, so
>> I can revert, just make sure to add the apache user before starting the
>> install.  Or if you have a better command to continue the
>> clean-up/install.
>>
>>
>> On Thu, May 11, 2017 at 2:19 AM Martin Bašti  wrote:
>>
>>> Hello,
>>>
>>> comments inline
>>>
>>> On 11.05.2017 06:06, Robert L. Harris wrote:
>>>
>>>
>>> Sigh... Sorry, it's been a long day, I thought I put that log in the
>>> first pastebin.  It's in this one:  https://pastebin.com/18PAXXNS
>>>
>>>
>>> Could you please provide journalctl -u httpd and
>>> /var/log/httpd/error_log ?
>>>
>>>
>>>
>>>
>>> Also,
>>>Anyone else get the constant spam when mailing this list?  Got an
>>> address to block for it?
>>>
>>>
>>> Sorry for that, there is a bot mining public archives. We plan to
>>> resolve this issue but it may take time as we are 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-12 Thread Martin Bašti

That's weird, it should be super fast, anything in /var/log/httpd/error_log?


On 11.05.2017 22:23, Robert L. Harris wrote:


Odd, must have clicked reply instead of reply-all.

Anyway, I did the revert and re-install.  Actual install went through 
fine then the "ipa-server-install" ran until this:


  [8/9]: restoring configuration
  [9/9]: starting directory server
Done.
Restarting the directory server
Restarting the KDC
Please add records in this file to your DNS system: 
/tmp/ipa.system.records.v5Jwrt.db

Restarting the web server
Configuring client side components
Using existing certificate '/etc/ipa/ca.crt'.
Client hostname: ipa.rdlg.net 
Realm: RDLG.NET 
DNS Domain: rdlg.net 
IPA Server: ipa.rdlg.net 
BaseDN: dc=rdlg,dc=net

Skipping synchronizing time with NTP server.
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
trying https://ipa.rdlg.net/ipa/json
Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'


It's been sitting there for a while ( 4 hours? )  I don't see anything
in the ipaserver-install.log, but it's here: https://pastebin.com/biK1Dmv7




On Thu, May 11, 2017 at 8:12 AM Martin Bašti wrote:


Please keep freeipa-users in CC

Snapshot is always better, so I suggest to use it. Otherwise there
is an option --ignore-last-of-role to unblock uninstallation.

Martin


On 11.05.2017 16:00, Robert L. Harris wrote:


Looks like you hit it, apache didn't have a group:

-- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu
2017-05-11 07:48:27 MDT. --
May 10 20:36:00 ipa.rdlg.net  systemd[1]:
Starting The Apache HTTP Server...
May 10 20:36:00 ipa.rdlg.net 
ipa-httpd-kdcproxy[28808]: ipa : INFO KDC proxy enabled
May 10 20:36:00 ipa.rdlg.net  httpd[28809]:
AH00544: httpd: bad group name apache
May 10 20:36:00 ipa.rdlg.net  systemd[1]:
httpd.service: main process exited, code=exited, status=1/FAILURE
May 10 20:36:00 ipa.rdlg.net  kill[28812]:
kill: cannot find process ""
May 10 20:36:00 ipa.rdlg.net  systemd[1]:
httpd.service: control process exited, code=exited status=1
May 10 20:36:00 ipa.rdlg.net  systemd[1]:
Failed to start The Apache HTTP Server.
May 10 20:36:00 ipa.rdlg.net  systemd[1]:
Unit httpd.service entered failed state.
May 10 20:36:00 ipa.rdlg.net  systemd[1]:
httpd.service failed.

Thanks, didn't know that command.  I tried to continue the process:

{0}:/root>ipa-server-install

The log file for this installation can be found in
/var/log/ipaserver-install.log
ipa.ipapython.install.cli.install_tool(Server): ERROR IPA
server is already configured on this system.
If you want to reinstall the IPA server, please uninstall it
first using 'ipa-server-install --uninstall'.
ipa.ipapython.install.cli.install_tool(Server): ERROR The
ipa-server-install command failed. See
/var/log/ipaserver-install.log for more information

root@ipa
{1}:/root>ipa-server-install  --uninstall

This is a NON REVERSIBLE operation and will delete all data and
configuration!

Are you sure you want to continue with the uninstall procedure?
[no]: yes
ipa : ERROR Server removal aborted: Deleting this
server is not allowed as it would leave your installation without
a CA..



This is a VM and I took a snapshot right before I started the
install, so I can revert, just make sure to add the apache user
before starting the install. Or if you have a better command to
continue the clean-up/install.


On Thu, May 11, 2017 at 2:19 AM Martin Bašti wrote:

Hello,

comments inline


On 11.05.2017 06:06, Robert L. Harris wrote:


Sigh... Sorry, it's been a long day, I thought I put that
log in the first pastebin.  It's in this one:
https://pastebin.com/18PAXXNS


Could you please provide journalctl -u httpd and
/var/log/httpd/error_log ?





Also,
   Anyone else get the constant spam when mailing this
list?  Got an address to block for it?


Sorry for that, there is a bot mining public archives. We
plan to resolve this issue but it may take time as we are not
maintaining our mailman.

Martin




Robert




On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman wrote:

Robert, did you look in /var/log/ipaserver-install.log
as it says?

Was there any other 

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-11 Thread Robert L. Harris
Odd, must have clicked reply instead of reply-all.

Anyway, I did the revert and re-install.  Actual install went through fine
then the "ipa-server-install" ran until this:

  [8/9]: restoring configuration
  [9/9]: starting directory server
Done.
Restarting the directory server
Restarting the KDC
Please add records in this file to your DNS system:
/tmp/ipa.system.records.v5Jwrt.db
Restarting the web server
Configuring client side components
Using existing certificate '/etc/ipa/ca.crt'.
Client hostname: ipa.rdlg.net
Realm: RDLG.NET
DNS Domain: rdlg.net
IPA Server: ipa.rdlg.net
BaseDN: dc=rdlg,dc=net

Skipping synchronizing time with NTP server.
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
trying https://ipa.rdlg.net/ipa/json
Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'


It's been sitting there for a while ( 4 hours? )  I don't see anything in
the ipaserver-install.log, but it's here:  https://pastebin.com/biK1Dmv7



On Thu, May 11, 2017 at 8:12 AM Martin Bašti  wrote:

> Please keep freeipa-users in CC
>
> Snapshot is always better, so I suggest to use it. Otherwise there is an
> option --ignore-last-of-role to unblock uninstallation.
>
> Martin
>
> On 11.05.2017 16:00, Robert L. Harris wrote:
>
>
> Looks like you hit it, apache didn't have a group:
>
> -- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu 2017-05-11
> 07:48:27 MDT. --
> May 10 20:36:00 ipa.rdlg.net systemd[1]: Starting The Apache HTTP
> Server...
> May 10 20:36:00 ipa.rdlg.net ipa-httpd-kdcproxy[28808]: ipa :
> INFO KDC proxy enabled
> May 10 20:36:00 ipa.rdlg.net httpd[28809]: AH00544: httpd: bad group name
> apache
> May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: main process
> exited, code=exited, status=1/FAILURE
> May 10 20:36:00 ipa.rdlg.net kill[28812]: kill: cannot find process ""
> May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: control process
> exited, code=exited status=1
> May 10 20:36:00 ipa.rdlg.net systemd[1]: Failed to start The Apache HTTP
> Server.
> May 10 20:36:00 ipa.rdlg.net systemd[1]: Unit httpd.service entered
> failed state.
> May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service failed.
>
> Thanks, didn't know that command.  I tried to continue the process:
>
> {0}:/root>ipa-server-install
>
> The log file for this installation can be found in
> /var/log/ipaserver-install.log
> ipa.ipapython.install.cli.install_tool(Server): ERROR IPA server is
> already configured on this system.
> If you want to reinstall the IPA server, please uninstall it first using
> 'ipa-server-install --uninstall'.
> ipa.ipapython.install.cli.install_tool(Server): ERROR The
> ipa-server-install command failed. See /var/log/ipaserver-install.log for
> more information
>
> root@ipa
> {1}:/root>ipa-server-install  --uninstall
>
> This is a NON REVERSIBLE operation and will delete all data and
> configuration!
>
> Are you sure you want to continue with the uninstall procedure? [no]: yes
> ipa : ERROR Server removal aborted: Deleting this server is not
> allowed as it would leave your installation without a CA..
>
>
>
> This is a VM and I took a snapshot right before I started the install, so
> I can revert, just make sure to add the apache user before starting the
> install.  Or if you have a better command to continue the
> clean-up/install.
>
>
> On Thu, May 11, 2017 at 2:19 AM Martin Bašti  wrote:
>
>> Hello,
>>
>> comments inline
>>
>> On 11.05.2017 06:06, Robert L. Harris wrote:
>>
>>
>> Sigh... Sorry, it's been a long day, I thought I put that log in the
>> first pastebin.  It's in this one:  https://pastebin.com/18PAXXNS
>>
>>
>> Could you please provide journalctl -u httpd and /var/log/httpd/error_log
>> ?
>>
>>
>>
>>
>> Also,
>>Anyone else get the constant spam when mailing this list?  Got an
>> address to block for it?
>>
>>
>> Sorry for that, there is a bot mining public archives. We plan to resolve
>> this issue but it may take time as we are not maintaining our mailman.
>>
>> Martin
>>
>>
>>
>> Robert
>>
>>
>>
>>
>> On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman 
>> wrote:
>>
>>> Robert, did you look in /var/log/ipaserver-install.log as it says?
>>>
>>> Was there any other information?
>>>
>>> cheers
>>> L.
>>>
>>> --
>>> "Mission Statement: To provide hope and inspiration for collective
>>> action, to build collective power, to achieve collective transformation,
>>> rooted in grief and rage but pointed towards vision and dreams."
>>>
>>>  - Patrice Cullors, *Black Lives Matter founder*
>>>
>>> On 11 May 2017 at 13:24, Robert L. Harris 
>>> wrote:
>>>
>>>> Ok,  I gave up on Ubuntu.  I'm now trying the latest CentOS7.  I built
>>>> out a "minimal server" with some normal base packages which did include the
>>>> freeipa-client but otherwise, just standard tools.  Here's a pastebin of
>>>> the output of

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-11 Thread Martin Bašti

Please keep freeipa-users in CC

Snapshot is always better, so I suggest to use it. Otherwise there is an 
option --ignore-last-of-role to unblock uninstallation.


Martin


On 11.05.2017 16:00, Robert L. Harris wrote:


Looks like you hit it, apache didn't have a group:

-- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu 2017-05-11 07:48:27 MDT. --
May 10 20:36:00 ipa.rdlg.net systemd[1]: Starting The Apache HTTP Server...
May 10 20:36:00 ipa.rdlg.net ipa-httpd-kdcproxy[28808]: ipa : INFO KDC proxy enabled
May 10 20:36:00 ipa.rdlg.net httpd[28809]: AH00544: httpd: bad group name apache
May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
May 10 20:36:00 ipa.rdlg.net kill[28812]: kill: cannot find process ""
May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: control process exited, code=exited status=1
May 10 20:36:00 ipa.rdlg.net systemd[1]: Failed to start The Apache HTTP Server.
May 10 20:36:00 ipa.rdlg.net systemd[1]: Unit httpd.service entered failed state.
May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service failed.


Thanks, didn't know that command.  I tried to continue the process:

{0}:/root>ipa-server-install

The log file for this installation can be found in 
/var/log/ipaserver-install.log
ipa.ipapython.install.cli.install_tool(Server): ERROR  IPA server is 
already configured on this system.
If you want to reinstall the IPA server, please uninstall it first 
using 'ipa-server-install --uninstall'.
ipa.ipapython.install.cli.install_tool(Server): ERROR  The 
ipa-server-install command failed. See /var/log/ipaserver-install.log 
for more information


root@ipa
{1}:/root>ipa-server-install  --uninstall

This is a NON REVERSIBLE operation and will delete all data and 
configuration!


Are you sure you want to continue with the uninstall procedure? [no]: yes
ipa : ERROR Server removal aborted: Deleting this server is 
not allowed as it would leave your installation without a CA..




This is a VM and I took a snapshot right before I started the install, 
so I can revert, just make sure to add the apache user before starting 
the install.  Or if you have a better command to continue the 
clean-up/install.



On Thu, May 11, 2017 at 2:19 AM Martin Bašti wrote:


Hello,

comments inline


On 11.05.2017 06:06, Robert L. Harris wrote:


Sigh... Sorry, it's been a long day, I thought I put that log in
the first pastebin.  It's in this one: https://pastebin.com/18PAXXNS


Could you please provide journalctl -u httpd and
/var/log/httpd/error_log ?





Also,
   Anyone else get the constant spam when mailing this list?  Got
an address to block for it?


Sorry for that, there is a bot mining public archives. We plan to
resolve this issue but it may take time as we are not maintaining
our mailman.

Martin




Robert




On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman wrote:

Robert, did you look in /var/log/ipaserver-install.log as it
says?

Was there any other information?

cheers
L.

--
"Mission Statement: To provide hope and inspiration for
collective action, to build collective power, to achieve
collective transformation, rooted in grief and rage but
pointed towards vision and dreams."

 - Patrice Cullors, /Black Lives Matter founder/

On 11 May 2017 at 13:24, Robert L. Harris wrote:

Ok,  I gave up on Ubuntu.  I'm now trying the latest
CentOS7.  I built out a "minimal server" with some normal
base packages which did include the freeipa-client but
otherwise, just standard tools.  Here's a pastebin of the
output of the install: https://pastebin.com/zAWCgkUU

Robert







-- 
Martin Bašti

Software Engineer
Red Hat Czech




-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
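
The diagnosis reached in the message above (httpd refusing to start because the apache group did not exist) can be checked mechanically before re-running the installer. The following is an added example, not part of the thread or of FreeIPA; the function names and the optional lookup-file argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Sample lines are copied from the journal quoted in the thread.
SAMPLE_JOURNAL='May 10 20:36:00 ipa.rdlg.net systemd[1]: Starting The Apache HTTP Server...
May 10 20:36:00 ipa.rdlg.net httpd[28809]: AH00544: httpd: bad group name apache
May 10 20:36:00 ipa.rdlg.net systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
May 10 20:36:00 ipa.rdlg.net systemd[1]: Failed to start The Apache HTTP Server.'

# Read journal text on stdin and print "group NAME" or "user NAME" for each
# account httpd refused at startup, skipping the systemd follow-on lines.
httpd_bad_accounts() {
    sed -n \
        -e 's/^.* httpd\[[0-9]*]: AH[0-9]*: httpd: bad group name \(.*\)$/group \1/p' \
        -e 's/^.* httpd\[[0-9]*]: AH[0-9]*: httpd: bad user name \(.*\)$/user \1/p' |
        sort -u
}

# Succeed if the account is defined. A third argument names a passwd- or
# group-format file to search instead of getent (hypothetical offline mode).
account_exists() {
    acct_kind=$1 acct_name=$2 acct_file=${3:-}
    case $acct_kind in
        group) acct_db=group ;;
        user) acct_db=passwd ;;
        *) return 2 ;;
    esac
    if [ -n "$acct_file" ]; then
        awk -F: -v n="$acct_name" '$1 == n { f = 1 } END { exit !f }' "$acct_file"
    else
        getent "$acct_db" "$acct_name" >/dev/null 2>&1
    fi
}

# Read journal text on stdin; list rejected accounts that are still missing
# and return 1 if there are any, so the result can gate ipa-server-install.
report_missing() {
    lookup_file=${1:-}
    missing=$(httpd_bad_accounts | while read -r kind name; do
        account_exists "$kind" "$name" "$lookup_file" ||
            echo "missing $kind: $name"
    done)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Live use: journalctl -u httpd --no-pager | report_missing
printf '%s\n' "$SAMPLE_JOURNAL" | report_missing || true
```

A non-zero return from `report_missing` means the account httpd complained about is still absent, so the snapshot should be fixed before the install is retried.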

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-11 Thread Martin Bašti

Hello,

comments inline


On 11.05.2017 06:06, Robert L. Harris wrote:


Sigh... Sorry, it's been a long day, I thought I put that log in the 
first pastebin.  It's in this one: https://pastebin.com/18PAXXNS


Could you please provide journalctl -u httpd and /var/log/httpd/error_log ?




Also,
   Anyone else get the constant spam when mailing this list?  Got an 
address to block for it?


Sorry for that, there is a bot mining public archives. We plan to 
resolve this issue but it may take time as we are not maintaining our 
mailman.


Martin



Robert




On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman wrote:


Robert, did you look in /var/log/ipaserver-install.log as it says?

Was there any other information?

cheers
L.

--
"Mission Statement: To provide hope and inspiration for collective
action, to build collective power, to achieve collective
transformation, rooted in grief and rage but pointed towards
vision and dreams."

 - Patrice Cullors, /Black Lives Matter founder/

On 11 May 2017 at 13:24, Robert L. Harris wrote:

Ok,  I gave up on Ubuntu.  I'm now trying the latest CentOS7. 
I built out a "minimal server" with some normal base packages
which did include the freeipa-client but otherwise, just
standard tools. Here's a pastebin of the output of the
install: https://pastebin.com/zAWCgkUU

Robert







--
Martin Bašti
Software Engineer
Red Hat Czech


Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-10 Thread Robert L. Harris
Sigh... Sorry, it's been a long day, I thought I put that log in the first
pastebin.  It's in this one:  https://pastebin.com/18PAXXNS

Also,
   Anyone else get the constant spam when mailing this list?  Got an
address to block for it?

Robert




On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman  wrote:

> Robert, did you look in /var/log/ipaserver-install.log as it says?
>
> Was there any other information?
>
> cheers
> L.
>
> --
> "Mission Statement: To provide hope and inspiration for collective action,
> to build collective power, to achieve collective transformation, rooted in
> grief and rage but pointed towards vision and dreams."
>
>  - Patrice Cullors, *Black Lives Matter founder*
>
> On 11 May 2017 at 13:24, Robert L. Harris 
> wrote:
>
>> Ok,  I gave up on Ubuntu.  I'm now trying the latest CentOS7.  I built
>> out a "minimal server" with some normal base packages which did include the
>> freeipa-client but otherwise, just standard tools.  Here's a pastebin of
>> the output of the install:  https://pastebin.com/zAWCgkUU
>>
>> Robert
>>
>>

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-10 Thread Lachlan Musicman
Robert, did you look in /var/log/ipaserver-install.log as it says?

Was there any other information?

cheers
L.

--
"Mission Statement: To provide hope and inspiration for collective action,
to build collective power, to achieve collective transformation, rooted in
grief and rage but pointed towards vision and dreams."

 - Patrice Cullors, *Black Lives Matter founder*

On 11 May 2017 at 13:24, Robert L. Harris  wrote:

> Ok,  I gave up on Ubuntu.  I'm now trying the latest CentOS7.  I built out
> a "minimal server" with some normal base packages which did include the
> freeipa-client but otherwise, just standard tools.  Here's a pastebin of
> the output of the install:  https://pastebin.com/zAWCgkUU
>
> Robert
>
>

[Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-10 Thread Robert L. Harris
Ok,  I gave up on Ubuntu.  I'm now trying the latest CentOS7.  I built out
a "minimal server" with some normal base packages which did include the
freeipa-client but otherwise, just standard tools.  Here's a pastebin of
the output of the install:  https://pastebin.com/zAWCgkUU

Robert