Bret Wortman wrote:
Here's a bit more about what I'm seeing today.
My master _is_ serving some DNS, but it appears that it's only serving
those zones that it knew about before all this trouble started 7-10 days
ago. In particular, it can only do reverse DNS on one zone (its own),
but can't serve
On Aug 20, 2013, at 6:46 AM, Rich Megginson
mailto:rmegg...@redhat.com>> wrote:
On 08/20/2013 05:55 AM, Bret Wortman wrote:
Okay, now I'm thinking I need to dump all my replicas and start them fresh. My
/var/log/slapd-FOO-COM/errors is filled with messages like this:
NSMMReplicationPlugin - cha
If I were going to attempt to restore to an old backup, what
directories/files should I make sure to restore? I've got a backup script
that tars up:
/usr/share/ipa
/usr/lib64/ipa
/var/lib/pia
/var/lib/ipa-client
/var/lib/dirsrv
/etc
Is that enough to "roll back" to a few days ago before I started
Okay, now I'm thinking I need to dump all my replicas and start them fresh.
My /var/log/slapd-FOO-COM/errors is filled with messages like this:
NSMMReplicationPlugin - changelog program - agmt="cn=meTogood1.foo.com"
(good1:389): CSN 520a4964001d not found, we aren't as up to date,
or we pu
On Mon, 2013-08-19 at 13:51 -0400, Bret Wortman wrote:
> So, any idea how to fix the Kerberos problem?
>
If your server is trying to get a tgt for ldap/localhost it probably
means your /etc/hosts file is broken and has a line like this:
1.2.3.4 localhost my.real.name
When GSSAPI tries to resolv
So, any idea how to fix the Kerberos problem?
*
*
*Bret Wortman*
http://damascusgrp.com/
http://about.me/wortmanbret
On Mon, Aug 19, 2013 at 12:19 PM, Bret Wortman wrote:
> ...and I got the web UI, authentication and sudo back via:
>
> # ipactl stop
> # ipactl start
>
> Not sure why that wor
...and I got the web UI, authentication and sudo back via:
# ipactl stop
# ipactl start
Not sure why that worked, but it did. I was grasping at straws, honestly.
*
*
*Bret Wortman*
http://damascusgrp.com/
http://about.me/wortmanbret
On Mon, Aug 19, 2013 at 12:18 PM, Bret Wortman wrote:
> D
Digging further, I think this log entry might be the problem between the
two servers that aren't talking:
slapd_ldap_sasl_interactive_bind - Error: could not perform interactive
bind for id[] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic
failure: GSSAPI Error: Unspecified GSS failu
Rob Crittenden wrote:
Bret Wortman wrote:
Well, my master ground to a halt and wasn't responding. I rebooted the
system and now I can't access the web UI or ssh to the master either. I
have console access but that's it.
The services all say they're running, but the web UI gives an "Unknown
Erro
Bret Wortman wrote:
Well, my master ground to a halt and wasn't responding. I rebooted the
system and now I can't access the web UI or ssh to the master either. I
have console access but that's it.
The services all say they're running, but the web UI gives an "Unknown
Error" dialog and ssh fails
Well, my master ground to a halt and wasn't responding. I rebooted the
system and now I can't access the web UI or ssh to the master either. I
have console access but that's it.
The services all say they're running, but the web UI gives an "Unknown
Error" dialog and ssh fails with "ssh_exchange_id
Bret Wortman wrote:
How can I tell if this is working? It's been 10 minutes and it hasn't
returned; IPA response is sluggish and top doesn't show anything
obviously running & sucking up CPU.
It should be nearly instantaneous. It doesn't actually do a lot. It
deletes the master from cn=masters,
How can I tell if this is working? It's been 10 minutes and it hasn't
returned; IPA response is sluggish and top doesn't show anything obviously
running & sucking up CPU.
*
*
*Bret Wortman*
http://damascusgrp.com/
http://about.me/wortmanbret
On Mon, Aug 19, 2013 at 10:16 AM, Bret Wortman wrot
Not according to my poll of the good ones, so here goes. Thanks, Rob.
*
*
*Bret Wortman*
http://damascusgrp.com/
http://about.me/wortmanbret
On Mon, Aug 19, 2013 at 10:35 AM, Rob Crittenden wrote:
> Bret Wortman wrote:
>
>> The software is actually gone from both boxes -- one is dead and the
Bret Wortman wrote:
The software is actually gone from both boxes -- one is dead and the
other was reinstalled when the upgrade failed. So I can't get at the
database for either one. Safe to just --cleanup in that case?
Assuming that none of the good servers have an agreement with bad* then
y
The software is actually gone from both boxes -- one is dead and the other
was reinstalled when the upgrade failed. So I can't get at the database for
either one. Safe to just --cleanup in that case?
*
*
*Bret Wortman*
http://damascusgrp.com/
http://about.me/wortmanbret
On Mon, Aug 19, 2013 at
Bret Wortman wrote:
My replication situation has gotten a bit messed up.
I have four replicas that are up and running and two that I'm trying to
delete (one is not a replica any more, one didn't upgrade well during
its fedup upgrade from F17->F18 and as such I had to do a clean OS install).
# i
My replication situation has gotten a bit messed up.
I have four replicas that are up and running and two that I'm trying to
delete (one is not a replica any more, one didn't upgrade well during its
fedup upgrade from F17->F18 and as such I had to do a clean OS install).
# ipa-replica-manage list
18 matches
Mail list logo