Hi ,
I am trying to deploy ipa server as a docker container on kubernetes cluster .
I have build the docker image & run below command .
docker run --privileged --sysctl net.ipv6.conf.lo.disable_ipv6=0 --name
freeipa-server -ti -h ipa.faas.example.lab freeipa-server-new:latest
--setup-dns
You are awesome!!!
ipa topologysegment-del works!! and i am successfully able to remove bad replica
On Thu, Sep 19, 2019 at 6:08 PM Dmitry Perets via FreeIPA-users
wrote:
>
> Hi,
>
> Try using these, to delete replication agreements:
>
> ipa topologysegment-find
> ipa topologysegment-del
>
>
Hi Peter,
Did you manage to resolve this issue back then?
Because I face exactly the same one, appreciate if you can give me some hints.
Thanks!
---
Regards,
Dmitry Perets
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To
Hi,
After a bit more searching - my issue looks exactly like this one:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/AJNEM5CZ6KXNXIMD4TJY3LSRESRIJBFE/
I also have the same error in /var/log/pki/pki-tomcat/kra/system:
0.ajp-bio-127.0.0.1-8009-exec-1 -
Hi,
Pretty much any vault-related calls in one of my environments result in the
internal error, although the call seems to (partially) succeed.
For example:
# ipa vault-add test --type standard
ipa: ERROR: an internal error has occurred
But the vault is created:
# ipa vault-find
Hi,
Try using these, to delete replication agreements:
ipa topologysegment-find
ipa topologysegment-del
Then you can repeat "ipa-replica-manage del".
---
Regards,
Dmitry Perets
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To
Albert Szostkiewicz via FreeIPA-users
writes:
> Thanks for reply Rob!
>
>> /var/log/krb5kdc.log might have more details on the GSS failures, or the
>> journal.
>
> Yeah, I've checked that as well. Unfortunately 'Preauthentication
> failed' Was no more explanatory to me.
Here, it means that a
I have another reason to want to do a reinstall.
I have 3 Centos 7 servers. I want to move to Centos 8. (eventually. I’ll do
some testing first). The official approach is a new installation. Obviously I
can create 3 replicas and kill the originals. But then I’ll have to find every
client and
I am trying to remove old and bad replica from list but somehow it
didn't like what i am doing
[root@ldap-master ~]# ipa-replica-manage list -v `hostname`
ldap-1.example.com: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica
Thanks for reply Rob!
> /var/log/krb5kdc.log might have more details on the GSS failures, or the
> journal.
Yeah, I've checked that as well. Unfortunately 'Preauthentication failed' Was
no more explanatory to me.
After two weeks of searching for answers, I gave up and decided to reinstall
ipa
Amos via FreeIPA-users wrote:
> Is it possible to have an automember rule to add a host to a hostgroup
> based on the account used with ipa-install-client?
Using enrolledBy in the inclusive regex should do it.
rob
___
FreeIPA-users mailing list --
Is it possible to have an automember rule to add a host to a hostgroup
based on the account used with ipa-install-client?
Amos
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to
Albert Szostkiewicz via FreeIPA-users wrote:
>
>> You upgraded from what version?
> *Updated. Simple dnf update that I du regularly on Fedora 29 server where
> FreeIPA is installed.
> Unfortunately, it was quite a while and I am unable to pinpoint exactly which
> libraries got updated.
> This
13 matches
Mail list logo
