First of all, the ipa-replica-install did not allow me to use the --setup-ca
option complaining that a cert already exists, replicate creation was
successful after I skipped the option.
Seems like the replica is one except
1) There is no CA Service running on the replica (which I guess is expect
unction in its
location but I need
Shreeraj
Change is the only Constant !
On Saturday, February 8, 2014 1:29 AM, Lukas Slebodnik
wrote:
On (06/02/14 18:33), Shree wrote:
>First of all, the ipa-r
nds.
the client install also finds issue with
Shreeraj
Change is the only Constant !
On Sunday, February 9, 2014 4:44 AM, Rob Crittenden wrote:
Shree wrote:
> Lukas
> Perhaps I should explain the
instead of the replica.
Let me know what you think. Thanks
Shreeraj
Change is the only Constant !
On Saturday, February 8, 2014 1:29 AM, Lukas Slebodnik
wrote:
On (06/02/14 18:33), Shree wrote:
>First
123 udp
Shreeraj
Change is the only Constant !
On Tuesday, February 11, 2014 2:22 PM, Dmitri Pal wrote:
On 02/11/2014 05:05 PM, Shree wrote:
Dimitri
>Sorry some the mail landed in my SPAM folder.
11.2.2014 23:53, Shree wrote:
> Following ports are opened between the
> 1) Between the master and the replica (bi directional)
> 2) client machine and the ipa replica (unidirectional).
> When the replica was up it worked fine as far as syncing was concerned.
>
> 80 tcp
>
.
Shreeraj
Change is the only Constant !
On Wednesday, February 12, 2014 10:32 AM, Rob Crittenden
wrote:
Shree wrote:
> Peter
> Actually I mentioned earlier that my clients are in a separate VL
in sync but I am unable to run a
ipa-client-install using the replica. Now I need to fix this to get a replica
in place correctly.
Shreeraj
On Wednesday, February 12, 2014 10:42 AM, Rob Crittenden
main.com = master
ldap2.mydomain.com = replica
Shreeraj
Change is the only Constant !
On Friday, February 14, 2014 11:40 AM, Rob Crittenden
wrote:
Shree wrote:
> 1) 7839 TCP is open between the
wrote:
Shree wrote:
> Rob
> I am giving it a fresh start and I notice similar issues.
>
> 1) I wasn't able to use the "--setup-ca" while running the
> ipa-replica-install on the replica. It stopped the install after the
> ntpd step see below.
>
> Done c
is the only Constant !
On Tuesday, February 18, 2014 1:18 PM, Shree wrote:
1) I have got a step furthur. My replica is not running CA Service. To achieve
this I had to remove the existing cert with this command
pkiremove -pki_instance_root=/var/lib -pki_instance_name=pki-ca -force
Now the
Everything seems to be going well for all the 17 of 17 steps and then this
[15/17]: configure clone certificate renewals
[16/17]: configure Server-Cert certificate renewal
[17/17]: Configure HTTP to proxy connections
Done configuring certificate server (pki-cad).
Restarting the directory and
= {
db_library = ipadb.so
}
===
Shreeraj
Change is the only Constant !
On Wednesday, February 19, 2014 12:59 PM, Rob Crittenden
wrote:
Shree wrote:
> 1
root@test500 ~]# rpm -q ipa-client
ipa-client-2.2.0-16.el6.x86_64
[root@test500 ~]#
Shreeraj
Change is the only Constant !
On Wednesday, February 19, 2014 1:17 PM, Rob Crittenden
wrote:
Shree
Change is the only Constant !
On Wednesday, February 19, 2014 2:21 PM, Rob Crittenden
wrote:
Shree wrote:
> root@test500 ~]# rpm -q ipa-client
> ipa-client-2.2.0-16.el6.x86_64
> [roo
Change is the only Constant !
On Thursday, February 20, 2014 7:20 AM, Dmitri Pal wrote:
On 02/19/2014 06:52 PM, Shree wrote:
Rob
>You were right. After upgrading the client to the
ipa-client-3.0.0-37.el6.x86_64 version I started seein
different set of hosts.
Shreeraj
Change is the only Constant !
On Thursday, February 20, 2014 2:20 PM, Dmitri Pal wrote:
On 02/20/2014 02:58 PM, Shree wrote:
Can you help me figure out, below is some
Not sure what is going on?
I get the following error.
---
Starting httpd: (98)Address already in use: make_sock: could not bind to
address [::]:443
---
I have a feeling our puppet is causing some problem. I get the following when I
run "puppet agent -t"
--
Hello
We just upgraded our clients from ipa-client-2.2.0-16.el6.x86_64 to
ipa-client-3.0.0-37.el6.x86_64 and started noticing this. We have some scripts
which sudo to a local account like "apache" and run. Earlier we were never
prompted to put apache's password, now it is. Any thoughts?
Shr
only Constant !
On Thursday, March 20, 2014 4:29 AM, Martin Kosek wrote:
On 03/19/2014 10:37 PM, Shree wrote:
> Hello
> I was able to successfully move all my clients to the replica except on the
> process I had to upgrade the client to "ipa-client-3.0.0-37.el6.x86_64"
only Constant !
On Saturday, March 22, 2014 2:12 PM, Dmitri Pal wrote:
On 03/21/2014 07:44 PM, Shree wrote:
Hi
>Attaching the install log. It complains about unable to reach
certain ports, however my tests by using telnet were successful.
Also to refresh your memory the cli
com
Then it will be easier to troubleshoot. To get more information what kinit
actually does, try enabling a trace:
# KRB5_TRACE=/dev/stdout kinit skarul...@mydomain.com
You will be then able to see if it really connects to right IP address which
would enable you to debug further.
Martin
On 03
Change is the only Constant !
On Monday, March 31, 2014 7:02 AM, Rob Crittenden wrote:
Shree wrote:
> Martin
> First of all thank you so much for your detailed analysis. I got a
> chance to finally take a look at it
!
On Monday, March 31, 2014 8:09 AM, Rob Crittenden wrote:
Shree wrote:
> Rob
> This is what I get.
Realm is case-sensitive, try skarul...@mydomain.com
rob
>
> [root@www ~]# KRB5_TRACE=/dev/stdout kinit skarul...@mydomain.com
> [14858] 1396278013.584391: Getting initial credentia
only one of my several servers behaved this way.
Thanks
Shreeraj
Change is the only Constant !
On Monday, March 31, 2014 8:22 AM, Shree wrote:
Excellent Rob
I see that it is trying the IP address
Version ipa-server-3.0.0-26.el6_4.4.x86_64
Hi
I need to change the IP address of my server. Currently it syncs with a replica
on a different subnet and has ACLs opened for this. What would be the best way
to go about it? Will it affect the certificates, clients etc?
Shreeraj
-
master & decommission the older master.
Regards
Arpit Tolani
On Fri, Jun 6, 2014 at 12:56 AM, Shree wrote:
> Version ipa-server-3.0.0-26.el6_4.4.x86_64
> Hi
> I need to change the IP address of my server. Currently it syncs with a
> replica on a different subnet and has ACLs
27 matches
Mail list logo
