We have multiple ipa servers but only one is continuously affected by the 
strange problem described in the subject line.Users report not being able to 
login to servers that are using a specific ipa_server. Looking at this server 
ipactl shows everything as RUNNING. ipactl restart fixes the issue until the 
next time.
My questions are:1. What could be causing this, and what can I check.2. What 
logging should I enable on the server.3. We are currently monitoring for 
processes 'Running' but clearly that is not fool-proof way to check if the 
service is actually up.What would be a definitive method to check if Freeipa is 
up and functional in all respects. I was thinking of setting up cron jobthat 
attempts to do kinit <fakeUserid> on a client machine. The problems that I 
foresee with this method is caching that might give false negatives.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to