Solved this on my own.
In case anyone else hits this on rhel7 ipa-server 4.1.0-18, just start the dirsrv and tomcat instances by hand:
# systemctl start dir...@realm.name
# systemctl start pki-tomcatd@pki-tomcat.service

and then run your installer again:

# ipa-server-install --external-cert-file=ca_chain_and_ipa_cert.pem

Sorry for the noise!
/andreas

On 09/28/2015 12:27 PM, Andreas Calminder wrote:
Hello,
I have a really strange problem while installing the ipa-server. I've installed the server like this: # ipa-server-install --idstart=76400000 -N --realm=DOMAIN.TLD --hostname=idm1.sub.domain.tld -n domain.tld --external-ca --external-ca-type=ms-cs

I get he csr and send it off to our AD admin, I poweroff the machine and take a snapshot, because you know, if anything goes wrong I want a clean snapshot. I startup the machine and try to run the installer a second time, like suggested by the installer: # ipa-server-install --external-cert-file=/tmp/ipa.crt --external-cert-file=/tmp/ca_chain.crt

It fails with Unable to access directory server: Can't contact ldap server.

Ok, fine because it wasn't started after reboot.

# ipactl start
Starting Directory Service
Failed to read data from service file: Failed to get list of services to probe status! Configured hostname 'idm1.sub.domain.tld' does not match any master server in LDAP:
idm1.sub.domain.tld
Shutting down

I reverted back to my snapshot, I still get the same error message. I can start the dirsrv without problem with systemctl start dirsrv@DOMAIN-TLD.

Running ipactl -d:
ipactl -d status
ipa: DEBUG: importing all plugin modules in '/usr/lib/python2.7/site-packages/ipalib/plugins'... ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/idviews.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/otptoken.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/otptoken_yubikey.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py'
ipa: DEBUG: Starting external process
ipa: DEBUG: args='klist' '-V'
ipa: DEBUG: Process finished, return code=0
ipa: DEBUG: stdout=Kerberos 5 version 1.12.2

ipa: DEBUG: stderr=
ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/radiusproxy.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/rpcclient.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py' ipa: DEBUG: importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py'
ipa: DEBUG: Starting external process
ipa: DEBUG: args='/bin/systemctl' 'is-active' 'dirsrv@DOMAIN-TLD.service'
ipa: DEBUG: Process finished, return code=0
ipa: DEBUG: stdout=active

ipa: DEBUG: stderr=
ipa: DEBUG: Starting external process
ipa: DEBUG: args='/bin/systemctl' 'is-active' 'dirsrv@DOMAIN-TLD.service'
ipa: DEBUG: Process finished, return code=0
ipa: DEBUG: stdout=active

ipa: DEBUG: stderr=
ipa: DEBUG: flushing ldapi://%2fvar%2frun%2fslapd-NORDNET-SE.socket from SchemaCache ipa: DEBUG: retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-DOMAIN-TLD.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x1b483b0> ipa: DEBUG: File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 646, in run_script
    return_value = main_function()

  File "/usr/sbin/ipactl", line 517, in main
    ipa_status(options)

  File "/usr/sbin/ipactl", line 439, in ipa_status
    raise e

ipa: DEBUG: The ipactl command failed, exception: IpactlError: Failed to get list of services to probe status! Configured hostname 'idm1.sub.domain.tld' does not match any master server in LDAP:
idm1.sub.domain.tld
Failed to get list of services to probe status!
Configured hostname 'idm1.sub.domain.tld' does not match any master server in LDAP:
idm1.sub.domain.tld

Any help or pointers greatly appreciated!

Regards,
Andreas


--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to