Re: [Freeipa-users] Help troubleshooting migrate-ds
On 07/05/13 22:04, Rob Crittenden wrote: https://fedorahosted.org/freeipa/ticket/3364 rob Thanks for poiting. It was the key. Now I'm having other issues, but the kind of issues I use to like :) Regards -- Arturo Borrero González Departamento de Seguridad Informática (n...@cica.es) Centro Informático Científico de Andalucía (CICA) Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain) Tfno.: +34 955 056 600 / FAX: +34 955 056 650 Consejería de Economía, Innovación, Ciencia y Empleo Junta de Andalucía smime.p7s Description: S/MIME Cryptographic Signature ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Help troubleshooting migrate-ds
On 03/05/13 12:40, Arturo Borrero wrote: Hi there! In a freshly installed FreeIPA server, I try: # ipa migrate-ds LDAP URI: ldaps://ldap.example.com Contraseña: ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com': LDAP Server Down This is a related line I found in the logfile: [Fri May 03 12:30:53 2013] [error] ipa: INFO: ad...@example.com: migrate_ds(u'ldaps://ldap.example.com', u'', binddn=u'cn=admin,dc=example,dc=com', usercontainer=u'ou=example,ou=users', groupcontainer=u'ou=example,ou=groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames', u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None, groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False, basedn=u'ou=cuentas,dc=example,dc=com', compat=False, exclude_groups=None, exclude_users=None): NetworkError Am I missing something? There is some prerequisites in the DNS server for this to work? Of course, the IPA server has full network contact with the LDAP server (tcp/636), i see some packets doing a tpcdump in the LDAP server. Is there a way to get a more verbose log output of what is going on? I don't have any clue yet. Google seems empty when I search for this error and this operation made by others seems errorfree. Any idea? -- Arturo Borrero González Departamento de Seguridad Informática (n...@cica.es) Centro Informático Científico de Andalucía (CICA) Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain) Tfno.: +34 955 056 600 / FAX: +34 955 056 650 Consejería de Economía, Innovación, Ciencia y Empleo Junta de Andalucía smime.p7s Description: S/MIME Cryptographic Signature ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Help troubleshooting migrate-ds
On 05/07/2013 07:53 AM, Arturo Borrero wrote: On 03/05/13 12:40, Arturo Borrero wrote: Hi there! In a freshly installed FreeIPA server, I try: # ipa migrate-ds LDAP URI: ldaps://ldap.example.com Contraseña: ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com': LDAP Server Down This is a related line I found in the logfile: [Fri May 03 12:30:53 2013] [error] ipa: INFO: ad...@example.com: migrate_ds(u'ldaps://ldap.example.com', u'', binddn=u'cn=admin,dc=example,dc=com', usercontainer=u'ou=example,ou=users', groupcontainer=u'ou=example,ou=groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames', u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None, groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False, basedn=u'ou=cuentas,dc=example,dc=com', compat=False, exclude_groups=None, exclude_users=None): NetworkError Am I missing something? There is some prerequisites in the DNS server for this to work? Of course, the IPA server has full network contact with the LDAP server (tcp/636), i see some packets doing a tpcdump in the LDAP server. Is there a way to get a more verbose log output of what is going on? I don't have any clue yet. Google seems empty when I search for this error and this operation made by others seems errorfree. Any idea? Can it be that the certs are not properly configured? What LDAP server you are trying to use? ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Help troubleshooting migrate-ds
Arturo Borrero wrote: On 03/05/13 12:40, Arturo Borrero wrote: Hi there! In a freshly installed FreeIPA server, I try: # ipa migrate-ds LDAP URI: ldaps://ldap.example.com Contraseña: ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com': LDAP Server Down This is a related line I found in the logfile: [Fri May 03 12:30:53 2013] [error] ipa: INFO: ad...@example.com: migrate_ds(u'ldaps://ldap.example.com', u'', binddn=u'cn=admin,dc=example,dc=com', usercontainer=u'ou=example,ou=users', groupcontainer=u'ou=example,ou=groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames', u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None, groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False, basedn=u'ou=cuentas,dc=example,dc=com', compat=False, exclude_groups=None, exclude_users=None): NetworkError Am I missing something? There is some prerequisites in the DNS server for this to work? Of course, the IPA server has full network contact with the LDAP server (tcp/636), i see some packets doing a tpcdump in the LDAP server. Is there a way to get a more verbose log output of what is going on? I don't have any clue yet. Google seems empty when I search for this error and this operation made by others seems errorfree. Any idea? https://fedorahosted.org/freeipa/ticket/3364 rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] Help troubleshooting migrate-ds
Hi there! In a freshly installed FreeIPA server, I try: # ipa migrate-ds LDAP URI: ldaps://ldap.example.com Contraseña: ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com': LDAP Server Down This is a related line I found in the logfile: [Fri May 03 12:30:53 2013] [error] ipa: INFO: ad...@example.com: migrate_ds(u'ldaps://ldap.example.com', u'', binddn=u'cn=admin,dc=example,dc=com', usercontainer=u'ou=example,ou=users', groupcontainer=u'ou=example,ou=groups', userobjectclass=(u'person',), groupobjectclass=(u'groupOfUniqueNames', u'groupOfNames'), userignoreobjectclass=None, userignoreattribute=None, groupignoreobjectclass=None, groupignoreattribute=None, groupoverwritegid=False, schema=u'RFC2307bis', continue=False, basedn=u'ou=cuentas,dc=example,dc=com', compat=False, exclude_groups=None, exclude_users=None): NetworkError Am I missing something? There is some prerequisites in the DNS server for this to work? Of course, the IPA server has full network contact with the LDAP server (tcp/636), i see some packets doing a tpcdump in the LDAP server. Is there a way to get a more verbose log output of what is going on? Best regards. -- Arturo Borrero González Departamento de Seguridad Informática (n...@cica.es) Centro Informático Científico de Andalucía (CICA) Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain) Tfno.: +34 955 056 600 / FAX: +34 955 056 650 Consejería de Economía, Innovación, Ciencia y Empleo Junta de Andalucía smime.p7s Description: S/MIME Cryptographic Signature ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
