[Freeipa-users] Re: pki-tomcatd not starting

2020-08-12 Thread Fraser Tweedale via FreeIPA-users
On Thu, Aug 13, 2020 at 02:43:33AM +, Scott Z. via FreeIPA-users wrote: > Just in case it helps to narrow things down a bit or answers questions... > 1) The problem IdM server is the CA Master as far as I can tell (ran the > command "ipa config-show", saw that the IPA CA renewal master: was

[Freeipa-users] Re: pki-tomcatd not starting

2020-08-12 Thread Jochen Kellner via FreeIPA-users
"Scott Z. via FreeIPA-users" writes: > My current status is that I've done an ipactl restart > --ignore-service-failure, my timedate value is once again current, Your IDM server has the ntp role enables, so you can't go back in time and user "ipactl start", because that is setting the time to

[Freeipa-users] Re: pki-tomcatd not starting

2020-08-12 Thread Scott Z. via FreeIPA-users
Just in case it helps to narrow things down a bit or answers questions... 1) The problem IdM server is the CA Master as far as I can tell (ran the command "ipa config-show", saw that the IPA CA renewal master: was the same server with the bad cert. 2) Followed the steps in the Red Hat knowledge

[Freeipa-users] Re: Multimaster error adding user when one master down.

2020-08-12 Thread Angus Clarke via FreeIPA-users
Hi Just a bit of user experience ... I'm guessing you ran the ipa-client-install program on your client specifying "--server=ipa01.bos1.domain.com" rather than relying on auto-discovery (requires SRV DNS records) If DNS SRV records are not configured and you need to manually specify the IPA

[Freeipa-users] Re: Multimaster error adding user when one master down.

2020-08-12 Thread Louis Bohm via FreeIPA-users
I figured that out right after I emailed. I will get the records added to DNS and then try it out again. Thanks, Louis -<<—->>- Louis Bohm louisb...@gmail.com

[Freeipa-users] Re: Multimaster error adding user when one master down.

2020-08-12 Thread Florence Blanc-Renaud via FreeIPA-users
On 8/12/20 1:16 PM, Louis Bohm via FreeIPA-users wrote: Yes the client was installed not using the —server option.  So it looks like my issue is DNS.  We have DNS external to the IPA hosts.  Is there a simple way for me to get a list of all the DNS records that need to be added to our DNS

[Freeipa-users] Re: Multimaster error adding user when one master down.

2020-08-12 Thread Louis Bohm via FreeIPA-users
Yes the client was installed not using the —server option. So it looks like my issue is DNS. We have DNS external to the IPA hosts. Is there a simple way for me to get a list of all the DNS records that need to be added to our DNS system from IPA? Louis -<<—->>- Louis Bohm

[Freeipa-users] Re: Multimaster error adding user when one master down.

2020-08-12 Thread Florence Blanc-Renaud via FreeIPA-users
On 8/11/20 11:16 PM, Louis Bohm via FreeIPA-users wrote: Environment: 2 IPA Masters running Centos 8 and IPA Server 4.8.0.13 Client running Lentos 8 and IPA Client 4.8.0.13 The masters were setup as MultiMasters (I think I have it correct). If I shutdown the first master (ipa01) so only ipa02