Hi,
> How about: > > api.bootstrap(context='webservices', debug=True, xmlrpc_uri=' > https://luna.greyoak.com/ipa/xml') > when I do this, I get these messages --------------------------------------------------------------------- In [1]: from ipalib import api In [2]: api.bootstrap(context='webservices', debug=True, xmlrpc_uri=' https://server.domain.org/ipa/xml') In [3]: api.env.xmlrpc_uri Out[3]: u'https://server.domain.org/ipa/xml' In [4]: api.env.realm Out[4]: u'EXAMPLE.COM' In [5]: api.finalize() ipa: DEBUG: importing all plugin modules in '/usr/lib/python2.6/site-packages/ipalib/plugins'... ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automount.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/cert.py' ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not True ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/config.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/group.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbac.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/host.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hostgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/kerberos.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/krbtpolicy.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/migration.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/misc.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/passwd.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/pwpolicy.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/rolegroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/service.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/taskgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/user.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/virtual.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/xmlclient.py' In [6]: api.Backend.xmlclient.connect() ipa: INFO: Created connection context.xmlclient In [7]: api.Command.user_show(u'admin') ipa: DEBUG: raw: user_show(u'admin') ipa: INFO: user_show(u'admin', all=False, raw=False) ipa: INFO: Forwarding 'user_show' to server u' https://server.domain.org/ipa/xml' ipa: DEBUG: Caught fault 3008 from server https://server.domain.org/ipa/xml: invalid 'uid': Only one value is allowed --------------------------------------------------------------------------- ConversionError Traceback (most recent call last) /root/<ipython console> in <module>() /usr/lib/python2.6/site-packages/ipalib/frontend.pyc in __call__(self, *args, **options) 399 self.validate(**params) 400 (args, options) = self.params_2_args_options(**params) --> 401 ret = self.run(*args, **options) 402 if ( 403 isinstance(ret, dict) /usr/lib/python2.6/site-packages/ipalib/frontend.pyc in run(self, *args, **options) 668 if self.api.env.in_server: 669 return self.execute(*args, **options) --> 670 return self.forward(*args, **options) 671 672 def execute(self, *args, **kw): /usr/lib/python2.6/site-packages/ipalib/frontend.pyc in forward(self, *args, **kw) 689 Forward call over XML-RPC to this same command on server. 690 """ --> 691 return self.Backend.xmlclient.forward(self.name, *args, **kw) 692 693 def finalize(self): /usr/lib/python2.6/site-packages/ipalib/rpc.pyc in forward(self, name, *args, **kw) 412 if e.faultCode in self.__errors: 413 error = self.__errors[e.faultCode] --> 414 raise error(message=e.faultString) 415 raise UnknownError( 416 code=e.faultCode, ConversionError: invalid 'uid': Only one value is allowed --------------------------------------------------------------------- For api.env.realm, u'DOMAIN.ORG' is expected value. it seems that api.env was not initialized correctly. Is there anything interesting logged on the server? > > With debug=True you get a lot more output, might show something as well. > You are right, here the logs on the ipa server --------------------------------------------------------------------- ==> /var/log/httpd/error_log <== ipa: INFO: Created connection context.ldap2 ipa: DEBUG: raw: user_show((u'admin',), all=False, raw=False) ipa: INFO: Destroyed connection context.ldap2 ==> /var/log/httpd/access_log <== 172.30.0.137 - [email protected] [23/Apr/2010:18:06:16 +0200] "POST /ipa/xml HTTP/1.0" 200 315 ==> /var/log/httpd/error_log <== ipa: INFO: Created connection context.ldap2 ipa: DEBUG: raw: user_show((u'admin',), all=False, raw=False) ipa: INFO: Destroyed connection context.ldap2 ==> /var/log/httpd/access_log <== 172.30.0.137 - [email protected] [23/Apr/2010:18:11:53 +0200] "POST /ipa/xml HTTP/1.0" 200 315 --------------------------------------------------------------------- I think, I have this problem because I use two different versions of freeipa. In the one hand, I have an old version (1.9.0GIT28d8bd6-0.fc12.i686 that I generated there was a time) of freeipa on the ipa server, on the other hand I have the last version of freeIPA on the client. So, I generated new rpms from the last version of git repository and I installed them on the client and server. But when I start ipa-server-install on the server, I get an error (hem I think that I must to post a new mail on the mailing list) ---------------------------------------------------------------------- .... .... The following operations may take some minutes to complete. Please wait until the prompt is returned. Configuring directory server for the CA: [1/4]: creating directory server user [2/4]: creating directory server instance [3/4]: configuring directory to start on boot [4/4]: restarting directory server done configuring pkids. Configuring certificate server: [1/14]: creating certificate server user [2/14]: configuring certificate server instance root : CRITICAL failed to restart ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname server.domain.org -cs_port 9445 -client_certdb_dir /tmp/tmp-Li3Uhg -client_certdb_pwd XXXXXXXX -preop_pin cYUmg5JpkmRm3xBAlTqg -domain_name IPA -admin_user admin -admin_email r...@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject "CN=ipa-ca-agent,O=IPA" -ldap_host server.domain.org -ldap_port 7389 -bind_dn "cn=Directory Manager" -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name "CN=CA Subsystem,O=IPA" -ca_ocsp_cert_subject_name "CN=OCSP Subsystem,O=IPA" -ca_server_cert_subject_name "CN=server.domain.org,O=IPA" -ca_audit_signing_cert_subject_name "CN=CA Audit,O=IPA" -ca_sign_cert_subject_name "CN=Certificate Authority,O=IPA" -external false -clone false' returned non-zero exit status 255 [3/14]: creating CA agent PKCS#12 file in /root Unexpected error - see ipaserver-install.log for details: Command '/usr/bin/pk12util -n ipa-ca-agent -o /root/ca-agent.p12 -d /tmp/tmp-Li3Uhg -k /tmp/tmphMeDU3 -w /tmp/tmphMeDU3' returned non-zero exit status 24 ---------------------------------------------------------------------- In the logs of installation i found these errors : ---------------------------------------------------------------------- .... Attempting to connect to: server.domain.org:9445 ERROR: unable to set Cipher List ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001 : (-12266) An unknown SSL cipher suite has been requested. in TestCertApprovalCallback.approve() .... .... ERROR: unable to parse xml ERROR XML = ERROR: ConfigureCA: LoginPanel() failure ERROR: unable to create CA ####################################################################### 2010-04-23 18:57:01,648 INFO stderr=[Fatal Error] :1:947: The element type "HR" must be terminated by the matching end-tag "</HR>". org.xml.sax.SAXParseException: The element type "HR" must be terminated by the matching end-tag "</HR>". at org.apache.xerces.parsers.DOMParser.parse(DOMParser.java:239) at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:283) at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:121) at ParseXML.parse(ParseXML.java:43) at ConfigureCA.LoginPanel(ConfigureCA.java:199) at ConfigureCA.ConfigureCAInstance(ConfigureCA.java:1138) at ConfigureCA.main(ConfigureCA.java:1595) ... ---------------------------------------------------------------------- I can provide you other informations if needed. Thank you for your help !
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
