[Freeipa-users] Re: NoClassDefFoundError: javax/annotation/Priority

2018-12-07 Thread Fraser Tweedale via FreeIPA-users
This can sometimes occur when there are mismatched versions of java libraries. Is every Java-related package (especially resteasy and tomcat packages) at the latest version? Cheers, Fraser On Fri, Dec 07, 2018 at 04:54:06PM +0100, Milos Cuculovic via FreeIPA-users wrote: > Trying to run pki cer

[Freeipa-users] Re: Announcing FreeIPA v4.7.2

2018-12-07 Thread Rob Crittenden via FreeIPA-users
74cmonty via FreeIPA-users wrote: > Hi, > can you please advise how to upgrade to 4.7.2? > > I'm running version 4.7.0 > [root@ipa-replica ~]# rpm -q freeipa-server freeipa-client ipa-server > ipa-client 389-ds-base pki-ca krb5-server > freeipa-server-4.7.0-3.fc29.x86_64 > freeipa-client-4.7.0-3.

[Freeipa-users] Re: Announcing FreeIPA v4.7.2

2018-12-07 Thread 74cmonty via FreeIPA-users
Hi, can you please advise how to upgrade to 4.7.2? I'm running version 4.7.0 [root@ipa-replica ~]# rpm -q freeipa-server freeipa-client ipa-server ipa-client 389-ds-base pki-ca krb5-server freeipa-server-4.7.0-3.fc29.x86_64 freeipa-client-4.7.0-3.fc29.x86_64 Das Paket ipa-server ist nicht install

[Freeipa-users] Re: Installation Replica reports error: Full PKINIT configuration did not succeed

2018-12-07 Thread 74cmonty via FreeIPA-users
Hello Flo, I've decided to follow your advice. This means I will install another CA instance on the replica server. However I would prefer to upgrade FreeIPA to version 4.7.2 before. Unfortunately I failed on this task. I've executed ipa-server-upgrade and this process finished successfully afte

[Freeipa-users] NoClassDefFoundError: javax/annotation/Priority

2018-12-07 Thread Milos Cuculovic via FreeIPA-users
Trying to run pki cert-show 1 and getting back plenty of warnings about: WARN: RESTEASY002145: NoClassDefFoundError: Unable to load builtin provider org.jboss.resteasy.plugins.providers.InputStreamProvider from jar:file:/usr/share/java/resteasy-jaxrs.jar!/META-INF/services/javax.ws.rs.ext.Provid

[Freeipa-users] AD Trust: Add "mail" user attribute to AD -> IPA transfer

2018-12-07 Thread Lenhardt, Matthias via FreeIPA-users
Hi, we have an IPA 4.6.4 environment with an AD Trust configured and everything's working perfectly. My question is: Is it possible to configure, that extra AD user attributes are transferred? I would need the AD user attribute "mail" with the user's email address. This question came up, after

[Freeipa-users] Re: Replica won't start

2018-12-07 Thread Bret Wortman via FreeIPA-users
Woot! We had a stale, old server vm that got powered on. Once we shut it down and then cycled these, they worked just fine. Weird, but we're past this. Thanks! On 12/07/2018 07:52 AM, Bret Wortman via FreeIPA-users wrote: Other symptoms: # kinit admin : # ipa help user ipa: ERROR: No vali

[Freeipa-users] kinit: KDC can't fulfill requested option while renewing credentials - which approach?

2018-12-07 Thread Pieter Baele via FreeIPA-users
I tried various approaches to get Renewable tickets : modifying the kdc modifying krb5.conf using kadmin.local on every replica to modify the principal; which is not working - as designed (?)- in IPA What should I do to get a ticket with the correct R flag from IPA ? I don't think this is SSSD rel

[Freeipa-users] Re: Replica won't start

2018-12-07 Thread Bret Wortman via FreeIPA-users
Other symptoms: # kinit admin : # ipa help user ipa: ERROR: No valid Negotiate header in server response This is now happening on our primary IPA server. On 12/07/2018 07:42 AM, Bret Wortman via FreeIPA-users wrote: I'm seeing this in /var/log/messages periodically: systemd: Starting IPA

[Freeipa-users] Re: Replica won't start

2018-12-07 Thread Bret Wortman via FreeIPA-users
I'm seeing this in /var/log/messages periodically: systemd: Starting IPA key daemon... ipa-dnskeysyncd: ipa  : INFO LDAP bind... ipa-dnskeysyncd: ipa  : ERROR Login to LDAP server failed: {'desc': 'Invalid credentials'} ipa-dnskeysyncd: Traceback (most recent call last): ipa-dns

[Freeipa-users] Re: Replica won't start

2018-12-07 Thread Bret Wortman via FreeIPA-users
Yes: # KRB5_TRACE=/dev/stderr ldapsearch -H 'ldapi://%2fvar%2frun%2fslapd-MY-NET.socket' -Y GSSAPI -b 'cn=dns,dc=my,dc=net' SASL/GSSAPI authentication started [28940] 1544178390.191479: ccselect module real chose cache KEYRING:persistent:0:0 with client principal DNS/ipa3.my@my.net for s