[Freeipa-users] Re: ERR - attrlist_replace - attr_replace (nsslapd-referral,

2018-08-01 Thread James Harrison via FreeIPA-users
Any ideas, anyone? On Tue, 31 Jul 2018 at 13:22, James Harrison via FreeIPA-users wrote: Hello, We have a machine with the following set up: CentOS Linux release 7.4.1708 (Core)ipa-server-4.5.0-21.el7.centos.2.2.x86_64 CA-less setup We're getting a lot of errors on one of our FreeIPA

[Freeipa-users] ERR - attrlist_replace - attr_replace (nsslapd-referral,

2018-07-31 Thread James Harrison via FreeIPA-users
Hello, We have a machine with the following set up: CentOS Linux release 7.4.1708 (Core)ipa-server-4.5.0-21.el7.centos.2.2.x86_64 CA-less setup We're getting a lot of errors on one of our FreeIPA servers. Hope you can help. Many thanksJames Harrison [31/Jul/2018:12:19:05.542401358 +0100] - ERR

[Freeipa-users] Re: Freeipa connecting to Redhat IPA server.

2017-12-15 Thread James Harrison via FreeIPA-users
Hi,How much RAM does the FreeIPA server have? Thanks On Friday, 15 December 2017, 04:17:52 GMT, Tony Delov via FreeIPA-users wrote: I've been having difficulties connecting a freeipa-client on Ubuntu 16.06 LTS, to a Redhat IPA server that has a

[Freeipa-users] ERR - ipa-topology-plugin - ipa_topo_util_get_replica_conf: server configuration missing

2017-12-14 Thread James Harrison via FreeIPA-users
Hello,I'm reinstalling a replica FreeIPA server in a CA-less environment. I'm looked online and found: https://www.redhat.com/archives/freeipa-users/2016-December/msg00391.html which is similar (or exactly the problem), but theres no solid resolution. I recopied /etc/ipa/ca.crt to the new

[Freeipa-users] Re: Unable to create GSSAPI-encrypted LDAP connection

2017-12-04 Thread James Harrison via FreeIPA-users
UPDATE: The principle info wrong. I did this and the error hasnt shown up since: [root@ipa-02 ~]# ipa-getkeytab --keytab=/etc/krb5.keytab --server ipa-01 -p host/ipa-02 --retrieve Keytab successfully retrieved and stored in: /etc/krb5.keytab Thanks for all your help. On Monday, 4 December

[Freeipa-users] Re: Unable to create GSSAPI-encrypted LDAP connection

2017-12-04 Thread James Harrison via FreeIPA-users
I ran the ipa-getkeytab command you suggested below: This was what I got:BTW: TheIPAUSER is an admin user, but not the "admin" user. I got the same result with the admin user. ~] IPA-02 #  kinit IPAUSER Password for x_ipau...@int.example.com: ~] IPA-02 # ipa-getkeytab

[Freeipa-users] GSSAPI-encrypted LDAP connection

2017-12-01 Thread James Harrison via FreeIPA-users
Hello,One one of our FreeIPA servers we are seeing the following messages from journal -f Dec 01 11:50:14 ipa-01.int.domain.com krb5kdc[7056](info): AS_REQ (8 etypes {18 17 16 23 25 26 20 19}) 10.3.5.88: PREAUTH_FAILED: host/ipa-01.int.domain@int.domain.com for

[Freeipa-users] FreeIPA server: Replication issues

2017-11-15 Thread James Harrison via FreeIPA-users
Hello,I am using Centos to host our FreeIPA servers. We have a CA-less setup. I have upgraded to Centos 7.4 and FreeIPA version : VERSION: 4.5.0, API_VERSION: 2.228 The upgrade of both went off without any seen errors. However, now I am getting the following messages on each server (12 in