[Freeipa-users] Re: Waiting for CA subsystem to start

2021-08-30 Thread Rob Crittenden via FreeIPA-users
MERCIER Jonathan via FreeIPA-users wrote: > After some further investigation > > # dsctl -l > slapd-INFRA-MICROBIOME-STUDIO > # dsctl slapd-INFRA-MICROBIOME-STUDIO status > Instance "INFRA-MICROBIOME-STUDIO" is running > # rpm -qa | grep 389-ds > 389-ds-base-1.4.3.16-19.module+el8.4.0+636+837ee950

[Freeipa-users] Re: Waiting for CA subsystem to start

2021-08-30 Thread MERCIER Jonathan via FreeIPA-users
After some further investigation # dsctl -l slapd-INFRA-MICROBIOME-STUDIO # dsctl slapd-INFRA-MICROBIOME-STUDIO status Instance "INFRA-MICROBIOME-STUDIO" is running # rpm -qa | grep 389-ds 389-ds-base-1.4.3.16-19.module+el8.4.0+636+837ee950.x86_64 389-ds-base-libs-1.4.3.16-19.module+el8.4.0+636+83

[Freeipa-users] Re: Waiting for CA subsystem to start

2021-08-30 Thread MERCIER Jonathan via FreeIPA-users
yes the link was broken (sorry): https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/XFYVC6MUAKYLRIR6H6WM6SD4USLMIG2E/ about cpu and ram: # lscpu Architecture : x86_64 Mode(s) opératoire(s) des processeurs : 32-bit, 64-bit Boutisme :

[Freeipa-users] Re: Waiting for CA subsystem to start

2021-08-30 Thread MERCIER Jonathan via FreeIPA-users
i) Yes selinux is enable ii) ipa version # ipa --version VERSION: 4.9.2, API_VERSION: 2.240 iii) ansible-freeipa # dnf info *freeipa* Paquets disponibles Nom : ansible-freeipa Version : 0.3.2 Publication : 2.el8 ___ FreeIPA-users mailing

[Freeipa-users] Re: Unable to start directory server after updates

2021-08-30 Thread Jeremy Tourville via FreeIPA-users
To answer your question, yes, /etc/named/ipa-ext.conf and /etc/named/ipa-options-ext.conf exist. When I attempted to start named-pkcs11.service. It failed. Journalctl initially said there were issues with selinux. Anyhow, I attempted to start the service again after making the selinux policy

[Freeipa-users] Using AD user as service account in linux IDM freeipa clients

2021-08-30 Thread Ravindra Kumar via FreeIPA-users
I have a customer who has IDM installed on RHEL 8.3 and has a one way trust with Windows 2019 AD. The customer wants to make use of AD account as a service account for linux based applications running on IDM clients (also on RHEL 8.3). Example: the nginx service is expected to run under an AD

[Freeipa-users] Re: Unable to start directory server after updates

2021-08-30 Thread Florence Renaud via FreeIPA-users
Hi, on rhel8, IPA is using named*-pkcs11*.service, not named.service. In order to manually start the bind service, you would need to use "systemctl start named-pkcs11.service". The journal may contain additional logs, as well as the output of "systemctl status named-pkcs11.service". IIRC in ipa 4

[Freeipa-users] Re: Unable to start directory server after updates

2021-08-30 Thread Alexander Bokovoy via FreeIPA-users
On su, 29 elo 2021, Jeremy Tourville via FreeIPA-users wrote: I found this page on troubleshooting - https://docs.pagure.org/bind-dyndb-ldap/BIND9/NamedCannotStart.html I can manually start named.service but cannot start named when using ipactl. Section 1 I was able to get a log (this log is p