Flo,
these are all the errors found:
grep 'RESULT err=' access | perl -pe 's/.*(RESULT\s+err=\d+).*/$1/g' | sort
-n | uniq -c | sort -n
2 RESULT err=6
95 RESULT err=32
200 RESULT err=14
2105 RESULT err=0
2017-01-05 8:10 GMT-06:00 Florence Blanc-Renaud :
> On
On 11/01/2017 13:55, Petr Vobornik wrote:
> On 01/10/2017 09:31 PM, Bob Hinton wrote:
>> Hi,
>>
>> The pki-tomcatd services on our IPA servers seem to have stopped working.
>>
>> This seems to be related to the expiry of several certificates -
>>
>> [root@ipa001 ~]# getcert list | more
>> Number
To sum up, our problem was we did not install new CA crt on all replicas,
which should be probably done using "ipa-certupdate", but we missed that in
the documentation.
Regarding the certificates encoding, we noticed that after the upgrade v3
-> v4 IPA issues certificates in UTF8STRING and as
working through it slowly now... :)
On Wed, Jan 11, 2017 at 11:22 AM, Martin Basti wrote:
> Have you tried the ldapsearch from the guide I sent you?
>
>
>
> On 11.01.2017 17:03, Outback Dingo wrote:
>>
>> I am still seeing this, and the same message about LDAP
>>
>>
Have you tried the ldapsearch from the guide I sent you?
On 11.01.2017 17:03, Outback Dingo wrote:
I am still seeing this, and the same message about LDAP
./ipa_check_consistency -H
ipa2.optimcloud.com -d OPTIMCLOUD.COM
Directory Manager password:
FreeIPA servers:ipa2STATE
Great :)
On 11.01.2017 16:52, Outback Dingo wrote:
damn... DMARC record removed, now synced
On Wed, Jan 11, 2017 at 10:33 AM, Martin Basti wrote:
Please try to create a new test user if it is replicated to other replicas.
I see repl. conflicts please try to
Jan 11 08:45:56 ipa2.optimcloud.com named-pkcs11[2493]: automatic
empty zone: 123.100.IN-ADDR.ARPA
Jan 11 08:45:56 ipa2.optimcloud.com named-pkcs11[2493]: automatic
empty zone: 124.100.IN-ADDR.ARPA
Jan 11 08:45:56 ipa2.optimcloud.com named-pkcs11[2493]: automatic
empty zone: 125.100.IN-ADDR.ARPA
Please try to create a new test user if it is replicated to other replicas.
I see repl. conflicts please try to investigate them, it may cause a
missing zone
Not realliy, not like last time but
[root@ipa2 ~]# cd ipa_check_consistency/
[root@ipa2 ipa_check_consistency]# ./ipa_check_consistency -H
ipa2.optimcloud.com -d OPTIMCLOUD.COM
Directory Manager password:
FreeIPA servers:ipa2STATE
=
Active Users1
On 11.01.2017 15:32, Outback Dingo wrote:
not sure why, but the secondary freeipa server is out of sync by a
long shot now, missing dns domains and A records... tried
ipa-replica-manage force-sync --from ipa.optimcloud.com
doesnt seem to be working
HELP!
Do you see any errors in
not sure why, but the secondary freeipa server is out of sync by a
long shot now, missing dns domains and A records... tried
ipa-replica-manage force-sync --from ipa.optimcloud.com
doesnt seem to be working
HELP!
--
Manage your subscription for the Freeipa-users mailing list:
On 01/11/2017 01:58 PM, Sandor Juhasz wrote:
> Ok,
>
> OID - check
> ldapmodify - check
> python scripts - check
> These works on both ipa 3.x and ipa 4.x.
> So the basic functionality is there for the new object class.
>
> js - i am stuck with, i have created the js files for the plugin, see
On 01/10/2017 09:31 PM, Bob Hinton wrote:
> Hi,
>
> The pki-tomcatd services on our IPA servers seem to have stopped working.
>
> This seems to be related to the expiry of several certificates -
>
> [root@ipa001 ~]# getcert list | more
> Number of certificates and requests being tracked: 8.
>
Ok,
OID - check
ldapmodify - check
python scripts - check
These works on both ipa 3.x and ipa 4.x.
So the basic functionality is there for the new object class.
js - i am stuck with, i have created the js files for the plugin, see below.
But i don't know how to generate the the index.
Thanks! I will take a look at that.
Andy
On 1/9/17 8:37 AM, Youenn PIOLET wrote:
> Hey there,
>
> I got the same issue after upgrading my servers to 4.4.0
> The problem comes from duplicate entries in :
> cn=permissions,cn=pbac,dc=example,dc=com
>
> I think FreeIPA upgrade fails to create ACL
Hi Sumit
- On Jan 11, 2017, at 12:51 PM, Sumit Bose sb...@redhat.com wrote:
>
> I guess this is because the last update on one server was done with data
> from LDAP while the other used data from the Global Catalog. In general
> missing data in the GC should not remove the data read from
On Wed, Jan 11, 2017 at 11:01:22AM +0100, Troels Hansen wrote:
> Hi, we have just seen a weird issue, which I need some advice on.
>
> We have 2 IPA 4.4 servere in a AD trust and a number of Linux clients
> connected.
>
> A little story of what we experienced.
> We had a AD user which
Hi, we have just seen a weird issue, which I need some advice on.
We have 2 IPA 4.4 servere in a AD trust and a number of Linux clients
connected.
A little story of what we experienced.
We had a AD user which sometimes couldn't log in to a server, because his shell
was being set to
18 matches
Mail list logo