[Freeipa-users] various errors and warnings on F34: Can't contact LDAP server, Component identity is NULL; Failed to unwrap key for cipher

After upgrading to Fedora 34 and freeipa-server-4.9.3-2.fc34.x86_64, we're seeing the below errors. I found a previous post that mentions a user had these during a migration but we finished the migration a while ago: https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org

[Freeipa-users] Re: How to blend IPA server 4.1.4 on F21 with server 4.6.8 on C7?

Bret Wortman wrote: > I tried using ipa-backup but it keeps aborting claiming there's not enough > space on the target device but nothing even comes close to 100% usage. Is > there another way to export to LDIF? > > You can call db2ldif directly with: # systemctl stop dirsrv.target # dsctl sl

[Freeipa-users] Re: How to blend IPA server 4.1.4 on F21 with server 4.6.8 on C7?

I tried using ipa-backup but it keeps aborting claiming there's not enough space on the target device but nothing even comes close to 100% usage. Is there another way to export to LDIF? -- Bret Wortman bret.wort...@damascusgrp.com On Fri, Jun 4, 2021, at 9:01 AM, Rob Crittenden wrote: > B

[Freeipa-users] Re: healthcheck complains about a removed replica

Florence Renaud wrote: > Hi, > I'm not sure the issue is really on PKI side. On ipa server-del call, > IPA should also make sure to call something similar to > pki securitydomain-host-del to make sure that the host is removed from > PKI security domain. > > This was tracked in BZ 1740702 >

[Freeipa-users] Re: How to blend IPA server 4.1.4 on F21 with server 4.6.8 on C7?

Bret Wortman wrote: > So I started removing ipa2c7 this morning but am not getting very far... > > [root@ipa1 httpd]# ipa-replica-manage del ipa2c7.our.net --force > Connection to 'ipa2c7.our.net' failed: > Forcing removal of ipa2c7.our.net > Skipping calculation to determine if one or more maste

[Freeipa-users] Re: python3-ipaserver installutils.py missing IPA_MODULES list

Iulian, I need more details on what is going on then. Can you provide the Ansible output with -vvv, your inventory file and the relevant tasks from the playbook? Rafael On Thu, Jun 3, 2021 at 4:54 AM iulian roman via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > Hi Rafael , > >

[Freeipa-users] Re: How to blend IPA server 4.1.4 on F21 with server 4.6.8 on C7?

So I started removing ipa2c7 this morning but am not getting very far... [root@ipa1 httpd]# ipa-replica-manage del ipa2c7.our.net --force Connection to 'ipa2c7.our.net' failed: Forcing removal of ipa2c7.our.net Skipping calculation to determine if one or more masters would be orphaned. Deleting r

[Freeipa-users] Re: healthcheck complains about a removed replica

Hi, I'm not sure the issue is really on PKI side. On ipa server-del call, IPA should also make sure to call something similar to pki securitydomain-host-del to make sure that the host is removed from PKI security domain. This was tracked in BZ 1740702