I recently reinstalled a couple of our freeipa replicas and they're both
falling over with the same error. They run for a few minutes - as little as
one, or up to an hour, and then fall over with thousands of errors like this:
> ERR - accept_and_configure - PR_Accept() failed, Netscape Portable
> one option would be to only build freeipa-client, but that'd leave
> anyone using the server out in the cold.
Since some of us are running the server on different distros, what do you see
as the blockers to getting freeipa-client into debian, presumably without
-server?
And, in the interest
Rob mentioned issues with restoring data for one entry. We run on VMs, and
periodically take snapshots. We can copy a snapshot to a new VM. Since the
hostname is critical, edit /etc/hosts and add an entry for the new IP address
giving it the original hostname. That way the system will think
Rob,
Thanks for your response, it was very helpful!
A monitoring tool would be great, I should say that I am sleeping better
because I'm getting to the point where I can at least back-out things when
there's that kind of failure.
It sounds like the level of caution that I've applied to this is
In Linux, time is always in UTC internally. The time zone controls how time it
shown to users. Changing the time zone thus has no effect on the internal
operations of the servers. It just changes log files and user displays. If you
actually reset the time on the server to local time, Kerberos
I located every entry in LDAP that referenced the failed server and removed
each of them. I know that the entries in the etc ipa masters hierarchies
wouldn't go until I'd removed several of the others, which know included
the custodia entries. I think there weren't any topology entries by that
I forgot to note that you use “nfsadmin” to enable to mapping.
nfsadmin mapping config addomain=krb1.cs.rutgers.edu
nfsadmin mapping config adlookup=yes
In this case I’m pointing to your KDC. I believe it will work if you use your
domain name, as long as you have the appropriate DNS entries.
We’re in the process of setting up Windows machines to authenticate against IPA
and use home directories from our NFS servers with Kerberized NFS.
The process is not easy, but possible. One thing I’ve found frustrating is that
documentation on Windows NFS is terrible. In particular, when you
On Wed, Jan 9, 2019 at 4:07 PM Rob Crittenden via FreeIPA-users
wrote:
> Christopher Lamb via FreeIPA-users wrote:
> > Hi
> >
> > I have just upgraded our ipa-server from 4.2 to 4.6.4 via yum update on
> > OEL 7.2.
> >
> > At the very last step of the yum update I got the following warning:
> >
>
Christopher Lamb via FreeIPA-users wrote:
> Hi
>
> I have just upgraded our ipa-server from 4.2 to 4.6.4 via yum update on
> OEL 7.2.
>
> At the very last step of the yum update I got the following warning:
>
> OSError: No such file or directory
> ValueError: SELinux policy is not managed or
Well, could you please share your recommendation for this request, means how
would you add / maintain a laptop with 2 NICs?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to
Hi Rob,
Thanks for your response .
In my server following service are running . Do you have any idea what's
service depends on system time .
dirsrv@BANGLALINK-NET.service = 389 Directory Server BANGLALINK-NET.
httpd.service = The Apache HTTP Server
ipa-custodia.service
On 1/8/19 10:45 PM, Stijn De Weirdt via FreeIPA-users wrote:
hi all,
we are running centos76 with ipa-server-4.6.4-10.el7 (one master and one
replica; the upgrade went fine on both) and we have a problem with pki
tomcat. (we are not sure since when this occurs, but it might be from
after the
13 matches
Mail list logo