Michael Mercier via FreeIPA-devel wrote: > Hello, > > I would like to have the ipaNTHash stored in the IPA LDAP database > without having to use winbind or samba. I > installed ipa-server-*trust*-ad and did the basic setup. In order to > now start IPA I now have to add the '--ignore-service-failure’ option, > meaning I have to manually (re)start it at boot. > > [root@ipa ~]# ipactl start --ignore-service-failure > Existing service file detected! > Assuming stale, cleaning and proceeding > Starting Directory Service > Starting krb5kdc Service > Starting kadmin Service > Starting named Service > Starting httpd Service > Starting ipa-custodia Service > Starting pki-tomcatd Service > Starting smb Service > Failed to start smb Service > Forced start, ignoring smb Service, continuing normal operation > Starting winbind Service > Failed to start winbind Service > Forced start, ignoring winbind Service, continuing normal operation > Starting ipa-otpd Service > Starting ipa-dnskeysyncd Service > ipa: INFO: The ipactl command was successful > > Is there a way to have ipa-server-trust-ad setup and still have the > service start without the winbind and/or samba dependancies?
You can try changing the ipaConfigString from enabledService to configuredService in cn=ADTRUST,cn=replica.example.test,cn=masters,cn=ipa,cn=etc,dc=example,dc=test and cn=EXTID,... Leave the other things in ipaConfigString and the entry alone in order to switch back. rob _______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
