On 12/6/18 1:32 PM, Bret Wortman via FreeIPA-users wrote:
After a reboot, my IPA replica won't start. I've tracked it down to an
error in the named startup. From /var/log/messages(all messags from
named-pkcs11):
bind-dyndb-ldap version 11.1 compiled at 13:38:22 Aug 23 2017, complier
4.8.5 20150623 (Red Hat 4.8.5-16)
LDAP error: Invalid credentials: bind to LDAP server failed
couldn't establish connection in LDAP connection pool: permission denied
dynamic database 'ipa' configuration failed:
loading configuration: permission denied
exiting (due to fatal error)
So I tried manually:
# kinit -kt /etc/named.keytab DNS/ipa3.spx....@my.net
# klist
Ticket cache: KEYRING:persistent:0:0
Default principal: DNS/asipa3.spx....@my.net
Valid starting Expires Service principal
12/06/2018 12:26:17 12/07/2018 12:26:17 krbtgt/my....@my.net
I've restarted now using ipactl start --ignore-service-failure but where
should I be looking next to get this fixed?
Hi,
you can find a lot of information in this page:
https://docs.pagure.org/bind-dyndb-ldap/BIND9/NamedCannotStart.html
flo
--
photo
*Bret Wortman*
Founder, Damascus Products, LLC
855-644-2783 <tel:855-644-2783> | b...@wrapbuddies.co
<mailto:b...@wrapbuddies.co>
http://wrapbuddies.co/
70 Main St. Suite 23 Warrenton, VA 20186
<http://facebook.com/wrapbuddiesco>
<http://www.linkedin.com/in/bretwortman>
<http://twitter.com/wrapbuddiesco>
<http://instagram.com/wrapbuddies>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org