Re: [Freeipa-users] Unable to enroll new client in DNS

2015-10-22 Thread Petr Spacek
On 21.10.2015 22:43, Justin Lambert wrote: > ;; ANSWER SECTION: > 2667812275.sig-ipa1.domain.com. 0 ANY TKEY gss-tsig. 0 0 3 BADKEY 0 0 > > dns_tkey_negotiategss: TKEY is unacceptable Please consult named logs on server ipa1.domain.com and see if there are any errors related to dynamic update.

Re: [Freeipa-users] clean-ruv : How Long?

2015-10-22 Thread Mark Reynolds
Hi Janelle, It's really hard to say how long it might take. I know if the replicas are under heavy replication load it can take while to complete. Either way it should not take long to complete(a few hours max) - as long as all the replicas are online. There is very good logging for

Re: [Freeipa-users] SUDO does not always works on first try

2015-10-22 Thread Zoske, Fabian
Hi Lukas, Thank you. These packages fixed the issue. Best regards, Fabian -Ursprüngliche Nachricht- Von: Lukas Slebodnik [mailto:lsleb...@redhat.com] Gesendet: Montag, 19. Oktober 2015 10:52 An: Zoske, Fabian Cc: freeipa-users@redhat.com Betreff: Re: [Freeipa-users] SUDO does not

Re: [Freeipa-users] Steps to rebuild a master node in IPA cluster

2015-10-22 Thread Martin Kosek
On 10/21/2015 11:11 PM, Andrey Ptashnik wrote: > Hello IPA Team, > > In one location we have IPA cluster based on CentOS 7.1 with IPA 4.1.0. One > master and another replica. We noticed that Master node potentially has a > corrupted database, some records cannot be deleted and IPA services

Re: [Freeipa-users] SUDO does not always works on first try

2015-10-22 Thread Jakub Hrozek
On Thu, Oct 22, 2015 at 06:14:01AM +, Zoske, Fabian wrote: > Hi Lukas, > > Thank you. These packages fixed the issue. Thank you very much for the testing and reporting back! -- Manage your subscription for the Freeipa-users mailing list:

Re: [Freeipa-users] Unable to enroll new client in DNS

2015-10-22 Thread Petr Spacek
On 22.10.2015 14:23, Justin Lambert wrote: > When I looked at the DNS logs there was nothing of any value (with a fresh > attempt of registering DNS records) so I added a logging channel for ldap > at severity 9. After restarting bind the DNS registration worked without > issue. Removing the

Re: [Freeipa-users] Unable to enroll new client in DNS

2015-10-22 Thread Justin Lambert
When I looked at the DNS logs there was nothing of any value (with a fresh attempt of registering DNS records) so I added a logging channel for ldap at severity 9. After restarting bind the DNS registration worked without issue. Removing the logging channel and re-running the update worked. It

[Freeipa-users] clean-ruv : How Long?

2015-10-22 Thread Janelle
Hello, I was wondering if there is any average or expectation of how long a "clean-ruv" task should take across 16 fairly busy servers? Thank you ~J -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org