[Freeipa-users] Re: Failed to read service file. Hostname does not match any master server in LDAP

2018-01-03 Thread Rob Crittenden via FreeIPA-users
pgb205 via FreeIPA-users wrote: > I have also checked on the neighboring replica and can see the broken > server in > > ldapsearch -b "cn=masters, cn=ipa, cn=etc, dc=domain,dc=local" -D > cn="directory manager" -w "(objectclass=ipaReplTopoManagedServer)" > > output. > > so other

[Freeipa-users] Re: Failed to read service file. Hostname does not match any master server in LDAP

2018-01-03 Thread pgb205 via FreeIPA-users
I have also checked on the neighboring replica and can see the broken server in      ldapsearch -b "cn=masters, cn=ipa, cn=etc, dc=domain,dc=local" -D cn="directory manager" -w "(objectclass=ipaReplTopoManagedServer)"   output.  so other servers are not losing the information. Just somehow

[Freeipa-users] Re: Failed to read service file. Hostname does not match any master server in LDAP

2018-01-03 Thread pgb205 via FreeIPA-users
as far as hostname it's there on both failed replica with hostname -f commandbut also on the replica that it's connected to.on the neighbor replica I can ping failed replica by fqdnand it shows up in ipa-replica-manage list From: Rob Crittenden To: pgb205

[Freeipa-users] Re: AD Trust

2018-01-03 Thread Alexander Bokovoy via FreeIPA-users
On ke, 03 tammi 2018, Sumit Bose via FreeIPA-users wrote: On Wed, Jan 03, 2018 at 07:56:57PM +0700, Николай Савельев via FreeIPA-users wrote: I have ipa domain with AD trust. id ad_users@ad_domain works. su ad_users@ad_domain works. kinit ad_users@ad_domain don't works in ubuntu but works in

[Freeipa-users] Re: debian 8 freeipa-client

2018-01-03 Thread Lee Wiscovitch via FreeIPA-users
Doesn't really address the core issue, but wanted to chime in that we ended up having to manually configure our Debian 8 instances to work with our RHEL IPA servers. We use ansible to automate the entire process, the playbook contents below should be descriptive enough to know what is being

[Freeipa-users] Re: AD Trust

2018-01-03 Thread Николай Савельев via FreeIPA-users
I have ipa domain with AD trust. id ad_users@ad_domain works. su ad_users@ad_domain works. kinit ad_users@ad_domain don't works in ubuntu but works in centos 7 What? /etc/krb5.conf is the same. ipa servers work on centos 7. Ipa client work on ubuntu 14.04 or 16.04. I also can't get access from AD