On Sun, Jun 6, 2021 at 11:09 AM lejeczek via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hi guys.
>
> I'm trying client install and I fail:
> ...
> Time synchronization was successful.
> Please make sure the following ports are opened in the
> firewall settings:
> TCP: 80,
On Fri, Jun 4, 2021 at 10:11 PM Robert Kudyba via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> After upgrading to Fedora 34 and freeipa-server-4.9.3-2.fc34.x86_64, we're
> seeing the below errors. I found a previous post that mentions a user had
> these during a migration but we
(Last mail wasn't sent to mailing list - bad settings of my mail client, sorry
for that).
So, replication is working and there is indeed a new certificate for IPA RA.
Can this be from the renewal cycle on ldap1.
But isn't this some kind of chicken-egg-problem now? Apparently ldap2 cannot
talk
I cleaned up the contents of our ldap manually, re-created the replica file,
and got a lot further than we have before but ipa-replica-install still failed
as below:
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
[1/30]: configuring certificate server instance
ipaserve
Jan Bundesmann via FreeIPA-users wrote:
> (Last mail wasn't sent to mailing list - bad settings of my mail client,
> sorry for that).
>
> So, replication is working and there is indeed a new certificate for IPA RA.
> Can this be from the renewal cycle on ldap1.
Yes. Only one server does the ren
Bret Wortman wrote:
> I cleaned up the contents of our ldap manually, re-created the replica file,
> and got a lot further than we have before but ipa-replica-install still
> failed as below:
>
> Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
> [1/30]: configuring cert
You were absolutely correct, the flag worked, and the config-show did not show
a CRL server at all.
I'll dig into the ca logs next.
--
Bret Wortman
bret.wort...@damascusgrp.com
On Mon, Jun 7, 2021, at 11:07 AM, Rob Crittenden wrote:
> Bret Wortman wrote:
> > I cleaned up the contents of o
Hi FreeIPA list,
I don't see any in error log that match `grep -i "err=3"
/var/log/httpd/error_log`. We have tried raising searchtimelimit as high as
120, then 300 (now are trying 600) but observed no difference in the rate
at which nodes succeeded or failed in IPA joins. We are somewhat puzzled b
Actually, no change happened from 300-> 600 timeout, the web portal itself
gave me an ISE I hadn't noticed when I tried clicking save!
Alfred
On Mon, Jun 7, 2021 at 3:57 PM Alfred Victor wrote:
> Hi FreeIPA list,
>
> I don't see any in error log that match `grep -i "err=3"
> /var/log/httpd/erro
Alfred Victor wrote:
> Actually, no change happenedĀ from 300-> 600 timeout, the web portal
> itself gave me an ISE I hadn't noticed when I tried clicking save!
I wasn't clear which log to look in. You'll see details about where the
error is caught in IPA in the Apache log. To see LDAP timeouts yo
HI Team,
We are migrating from our current Directory Service 389DS to FreeIPA. Our all
servers at
present authenticated by 389DS server.
Our infra hosted on AWS cloud. Please find below setup of FreeIPA & Client on
which we
are performing tests & getting issue.
FreeIPA Servers
Primary Master S
11 matches
Mail list logo
