When I run ypcat on the IPA servers it states that ypbind can't communicate. I started ypbind on the secondary IPA server so now I can run ypcat. Is running ypbind on the IPA servers necessary? According to all of the documentation I read it doesn't mention anything about ypbind on the servers.
Yup, I checked the status of the port to make sure nothing else was using it. I configured it for an empty port below 1024. -----Original Message----- From: Rob Crittenden [mailto:rcrit...@redhat.com] Sent: Monday, January 06, 2014 6:13 PM To: Joseph, Matthew (EXP); d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat issues Joseph, Matthew (EXP) wrote: > Hello, > > I can add the old UNIX servers using NIS to the secondary IPA server but not > the primary. > The servers can ping the primary with no issues. > > I didn't think the IPA servers could run ypcat? Either way neither of the > servers can run the ypcat commands. Can't run them how? > Nope, ypbind was stopped when those errors came up. Can you confirm that nothing else is bound to the port? rob > > Matt > > -----Original Message----- > From: Rob Crittenden [mailto:rcrit...@redhat.com] > Sent: Thursday, January 02, 2014 2:58 PM > To: Joseph, Matthew (EXP); d...@redhat.com; freeipa-users@redhat.com > Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat issues > > Joseph, Matthew (EXP) wrote: >> Hello, >> >> All of the IPA services are running. >> >> When I tried running the ipa-compat-manage enable and ipa-nis-manage >> enable they are both loaded and running. > > On the IPA master you should be able to run something like: > > $ ypcat -h `hostname` -d <your nis domain name> passwd > > This will confirm basic operation on the server. > > If you can run the same on a client it will rule out firewall issues. > > Is a ypbind process already running on these clients? That might > explain the 'address in use' error. > > rob > >> >> The firewall is not the issue, I am positive about that. >> >> What do you mean by looking at the compat tree from the IPA server? >> >> Matt >> >> *From:*freeipa-users-boun...@redhat.com >> [mailto:freeipa-users-boun...@redhat.com] *On Behalf Of *Dmitri Pal >> *Sent:* Thursday, January 02, 2014 12:13 PM >> *To:* freeipa-users@redhat.com >> *Subject:* EXTERNAL: Re: [Freeipa-users] NIS Compat issues >> >> On 01/02/2014 11:05 AM, Joseph, Matthew (EXP) wrote: >> >> Hello, >> >> I've recently had to restart my IPA servers and my NIS compatibility >> mode has stopped working. >> >> I've configured my IPA server to run in NIS compatibility mode by >> doing the following. >> >> [root@ipaserver ~]# ipa-nis-manage enable >> >> [root@ipaserver ~]# ipa-compat-manage enable >> >> Restart the DNS and Directory Server service: >> >> [root@server ~]# service restart rpcbind >> >> [root@server ~]# service restart dirsrv >> >> On my NIS clients I have the following setup in the yp.conf file. >> >> domain domainname.ca >> server ipaservername.domainname.ca >> >> I tried just running the broadcast option but with no luck. >> >> When I try to do a service ypbind start on my NIS clients it takes a >> few minutes to finally fail. >> >> When I tried an yptest says "Can't communicate with ypbind" which >> makes sense since ypbind will not start. >> >> On the NIS client in the messages file it says the following; >> >> Ypbind: broadcast: RPC: Timed Out >> >> Cannot bind UDP: Address already in use >> >> Nothing has changed on my IPA server/configuration so I have no idea >> why this stopped working. >> >> Any suggestions? >> >> >> Please check if the IPA is running, the DS is running. Check the logs >> that the compat plugin is loaded and working. >> You can also try looking at the compat tree from the server itself to >> verify that the plugin, at least the DS part is functional. >> >> This generally smells as a firewall issue but I have not way to prove >> or disprove the theory. >> >> >> Matt >> >> >> >> >> _______________________________________________ >> >> Freeipa-users mailing list >> >> Freeipa-users@redhat.com <mailto:Freeipa-users@redhat.com> >> >> https://www.redhat.com/mailman/listinfo/freeipa-users >> >> >> >> >> -- >> >> Thank you, >> >> Dmitri Pal >> >> >> >> Sr. Engineering Manager for IdM portfolio >> >> Red Hat Inc. >> >> >> >> >> >> ------------------------------- >> >> Looking to carve out IT costs? >> >> www.redhat.com/carveoutcosts/ <http://www.redhat.com/carveoutcosts/> >> >> >> >> >> >> >> >> _______________________________________________ >> Freeipa-users mailing list >> Freeipa-users@redhat.com >> https://www.redhat.com/mailman/listinfo/freeipa-users >> > _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users