[Freeipa-users] Re: Not sure if FreeIPA issue or something else - false account is expired message

account is expired message Scott Z. via FreeIPA-users wrote: > It's happened 5 or 6 times over the past year that users attempting to > log in to various Linux servers (using our IdM servers for > authentication) are unable to do so. When we look in the > /var/log/secure file on the c

[Freeipa-users] Not sure if FreeIPA issue or something else - false account is expired message

It's happened 5 or 6 times over the past year that users attempting to log in to various Linux servers (using our IdM servers for authentication) are unable to do so. When we look in the /var/log/secure file on the client servers, we see messages that look like this: pam_unix(sshd:auth): authen

[Freeipa-users] Re: pki-tomcatd not starting

g funky 🙁 From: Fraser Tweedale Sent: Wednesday, August 12, 2020 6:02 PM To: FreeIPA users list Cc: Rob Crittenden ; Florence Blanc-Renaud ; Alexander Scheel ; Scott Z. Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting On Thu, Aug 13, 2020 at 02:43:33A

[Freeipa-users] Re: pki-tomcatd not starting

t 12, 2020 6:02 PM To: FreeIPA users list Cc: Rob Crittenden ; Florence Blanc-Renaud ; Alexander Scheel ; Scott Z. Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting On Thu, Aug 13, 2020 at 02:43:33AM +, Scott Z. via FreeIPA-users wrote: > Just in case it helps to narrow things down a

[Freeipa-users] Re: pki-tomcatd not starting

Blanc-Renaud Cc: Scott Z. ; Alexander Scheel Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting Scott Z. via FreeIPA-users wrote: > Just so I'm not confusing the various servers and roles they play in > case it impacts what I'm doing (also, in case it matters, these ar

[Freeipa-users] Re: pki-tomcatd not starting

eeIPA (4.5.4). Scott From: Rob Crittenden Sent: Tuesday, August 11, 2020 4:01 PM To: FreeIPA users list ; Florence Blanc-Renaud Cc: Scott Z. ; Alexander Scheel Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting Scott Z. via FreeIPA-users wrote: > Just so I'm not confusing t

[Freeipa-users] Re: pki-tomcatd not starting

#x27;m assuming it's having a problem doing because its own cert is already expired? Scott From: Rob Crittenden Sent: Tuesday, August 11, 2020 9:07 AM To: FreeIPA users list ; Florence Blanc-Renaud Cc: Scott Z. Subject: Re: [Freeipa-users] Re: pki-tomcat

[Freeipa-users] Re: pki-tomcatd not starting

ay, August 11, 2020 9:07 AM To: FreeIPA users list ; Florence Blanc-Renaud Cc: Scott Z. Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting Scott Z. via FreeIPA-users wrote: > Adding the "NSSEnforceValidCerts off" definitely got me past the HTTPD > error. It started up an

[Freeipa-users] Re: pki-tomcatd not starting

t dirsrv@slapd-DOMAIN-COM > which would produce the error you're seeing. > > flo > >> Not sure now how to proceed at this point. >> >> BTW, I have decided that once I get through this slog and have a working >> server again, I'm going to donate $50 to th

[Freeipa-users] Re: pki-tomcatd not starting

slapd-DOMAIN-COM which would produce the error you're seeing. flo > Not sure now how to proceed at this point. > > BTW, I have decided that once I get through this slog and have a working > server again, I'm going to donate $50 to the Hawaiian Food Bank or the > charity of your choice in appreciation. > Scott > > >

[Freeipa-users] Re: pki-tomcatd not starting

Blanc-Renaud Sent: Monday, August 10, 2020 8:55 PM To: FreeIPA users list ; Rob Crittenden Cc: Scott Z. Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting On 8/10/20 11:46 PM, Scott Z. via FreeIPA-users wrote: > I stopped the ntp service with the command "timedatectl set_ntp

[Freeipa-users] Re: pki-tomcatd not starting

any Mahalos for your continued support and patience! Scott From: Rob Crittenden Sent: Monday, August 10, 2020 11:36 AM To: FreeIPA users list ; Florence Blanc-Renaud Cc: Scott Z. Subject: Re: [Freeipa-users] Re: pki-tomcatd not starting Scott Z. via FreeI

[Freeipa-users] Re: pki-tomcatd not starting

cking on the cert with "getcert list -i ", it shows "status: CA_REJECTED", and "stuck: yes". Any additional thoughts or help would be greatly appreciated! And thanks for the help so far. Scott From: Scott Z. via FreeIPA-users Sent: Mo

[Freeipa-users] Re: pki-tomcatd not starting

cott > > ---------------- > *From:* Florence Blanc-Renaud > *Sent:* Thursday, August 6, 2020 2:46 AM > *To:* FreeIPA users list > *Cc:* Scott Z. > *Subject:* Re: [Freeipa-users] Re: pki-tomcatd not starting > On 8/6/

[Freeipa-users] Re: pki-tomcatd not starting

DB',pinfile='/etc/httpd/alias/pwdfile.txt' certificate: type=NSSDB,location='/etc/dirsrv/slapd-',nickname='Server-Cert',token='NSS Certificate DB' CA: IPA issuer: CN=Certificate Authority,O= subject: CN=,O= expires: 2021-09-09 19:51:45 UTC principal name: HTT

[Freeipa-users] Re: pki-tomcatd not starting

Renaud Sent: Monday, August 3, 2020 9:34 PM To: FreeIPA users list Cc: Scott Z. Subject: Re: [Freeipa-users] pki-tomcatd not starting On 8/3/20 10:14 PM, Scott Z. via FreeIPA-users wrote: > Not sure I'm sending this to the right place, but here it goes. I > inherited a FreeIPA/Identity Man

[Freeipa-users] pki-tomcatd not starting

Not sure I'm sending this to the right place, but here it goes. I inherited a FreeIPA/Identity Manager setup in an enclave (no internet access) environment that is running into problems. There are at least 3 different IdM servers running in the environment spread out across different geographi