Scott Reed via FreeIPA-users wrote: > I install FreeIPA with my usual options, but when it's done the web interface > is not available with the usual. > > Service status: > > [xadministrator@idm log]$ sudo systemctl enable tomcat.service -l > [xadministrator@idm log]$ sudo systemctl start tomcat.service -l > [xadministrator@idm log]$ sudo systemctl status tomcat.service -l > \u25cf tomcat.service - Apache Tomcat Web Application Container > Loaded: loaded (/usr/lib/systemd/system/tomcat.service; enabled; vendor > preset: disabled) > Active: inactive (dead) since Tue 2020-01-21 14:42:52 EST; 3s ago > Process: 15192 ExecStart=/usr/libexec/tomcat/server start (code=exited, > status=0/SUCCESS) > Main PID: 15192 (code=exited, status=0/SUCCESS)
Why are you touching the services enabled? This should not be done. The ipa service will start the things needed. > Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM > org.apache.catalina.core.StandardService stopInternal > Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Stopping service Catalina > Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM > org.apache.coyote.AbstractProtocol stop > Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Stopping ProtocolHandler > ["http-bio-8080"] > Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM > org.apache.coyote.AbstractProtocol destroy > Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Destroying ProtocolHandler > ["http-bio-8080"] > Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM > org.apache.coyote.AbstractProtocol stop > Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Stopping ProtocolHandler > ["ajp-bio-8009"] > Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM > org.apache.coyote.AbstractProtocol destroy > Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Destroying ProtocolHandler > ["ajp-bio-8009"] > [xadministrator@idm log]$ > > [xadministrator@idm log]$ sudo systemctl status httpd -l > [sudo] password for xadministrator: > \u25cf httpd.service - The Apache HTTP Server > Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor > preset: disabled) > Drop-In: /etc/systemd/system/httpd.service.d > \u2514\u2500ipa.conf > Active: active (running) since Tue 2020-01-21 14:18:35 EST; 1 day 2h ago > Docs: man:httpd(8) > man:apachectl(8) > Main PID: 13471 (httpd) > Status: "Total requests: 4; Current requests/sec: 0; Current traffic: 0 > B/sec" > Tasks: 61 > CGroup: /system.slice/httpd.service > \u251c\u250013471 /usr/sbin/httpd -DFOREGROUND > \u251c\u250013472 /usr/libexec/nss_pcache 688130 off > \u251c\u250013475 (wsgi:kdcproxy) -DFOREGROUND > \u251c\u250013476 (wsgi:kdcproxy) -DFOREGROUND > \u251c\u250013477 (wsgi:ipa) -DFOREGROUND > \u251c\u250013478 (wsgi:ipa) -DFOREGROUND > \u251c\u250013479 (wsgi:ipa) -DFOREGROUND > \u251c\u250013480 (wsgi:ipa) -DFOREGROUND > \u251c\u250013481 /usr/sbin/httpd -DFOREGROUND > \u251c\u250013482 /usr/sbin/httpd -DFOREGROUND > \u251c\u250013483 /usr/sbin/httpd -DFOREGROUND > \u251c\u250013484 /usr/sbin/httpd -DFOREGROUND > \u251c\u250013485 /usr/sbin/httpd -DFOREGROUND > \u2514\u250013747 /usr/sbin/httpd -DFOREGROUND > > Jan 21 14:18:35 idm.cs.xxxx systemd[1]: Started The Apache HTTP Server. > Jan 21 14:18:40 idm.cs.xxxx [13477]: GSSAPI client step 1 > Jan 21 14:18:40 idm.cs.xxxx [13477]: GSSAPI client step 1 > Jan 21 14:18:40 idm.cs.xxxx [13477]: GSSAPI client step 1 > Jan 21 14:18:40 idm.cs.xxxx [13478]: GSSAPI client step 1 > Jan 21 14:18:40 idm.cs.xxxx [13478]: GSSAPI client step 1 > Jan 21 14:18:40 idm.cs.xxxx [13478]: GSSAPI client step 1 > Jan 21 14:18:42 idm.cs.xxxx [13479]: GSSAPI client step 1 > Jan 21 14:18:42 idm.cs.xxxx [13479]: GSSAPI client step 1 > Jan 21 14:18:42 idm.cs.xxxx [13479]: GSSAPI client step 1 > > The url that I'm trying is: https://idm.cs.xxxx/ipa/ui/ > > Any help would be appreciated. What does "not available" mean? What do you see? Does curl work? $ kinit admin $ curl --negotiate -u : https://ipa.example.test/ipa/ui/ I'd try on whatever your client machine is as well as the web server to see if behavior differs. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
