On 10/27/2014 06:13 AM, Innes, Duncan wrote:
Hi,
Have been using `ping` to test connectivity from our clients to the various IPA servers around the WAN before running an ldapsearch to pull some details about the client from the LDAP database. Several new VLAN's have now come online that do not permit ping traffic to be transmitted outside the VLAN, so clients on these LAN's think they can't see any of my IPA servers and then fail the domain join during the kickstart phase. Wondering if there's a consensus on how to check connectivity to IPA servers on the network? Something that I can use during the kickstart post-install phase.
Current effort is:
wget --timeout=1 --tries=1 --no-check-certificate https://ipaserver1.example.com and then test $? for result. But this only tests ports 80/443 - which authentication clients wont necessarily have access on. Can I reliably test the other FreeIPA ports? 389, 636,


389: ldapsearch -xLLL -h ipaserver1.example.com -p 389 -s base -b ""

636: LDAPTLS_REQCERT=never ldapsearch -xLLL -H ldaps://ipaserver1.example.com -s base -b ""


88, 464? These are the ports that clients have to be allowed access to the IPA servers.
Cheers
Duncan

This message has been checked for viruses and spam by the Virgin Money email scanning system powered by Messagelabs.

This e-mail is intended to be confidential to the recipient. If you receive a copy in error, please inform the sender and then delete this message.

Virgin Money plc - Registered in England and Wales (Company no. 6952311). Registered office - Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL. Virgin Money plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.

The following companies also trade as Virgin Money. They are both authorised and regulated by the Financial Conduct Authority, are registered in England and Wales and have their registered office at Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL: Virgin Money Personal Financial Service Limited (Company no. 3072766) and Virgin Money Unit Trust Managers Limited (Company no. 3000482).

For further details of Virgin Money group companies please visit our website at virginmoney.com



-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to