[Freeipa-users] Question about FreeIPA

[Mike Manfredi via FreeIPA-users]

 I noticed in FreeIPA is that it looks like the directory infrastructure is 
flat. There is no tree, or no way to make OUs.

When I look at other solutions like openLDAP and 389 Directory server. It has 
the ability to do trees.

Which makes me wonder if, FreeIPA is using 389 Directory server, why is it 
flat. Is there a way to make it more flexible, or do I have to find other 
solutions?  

If it's better than having a tree and make multiple OUs, can you please tell me 
why?  

Thanks
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

[Freeipa-users] Question about FreeIPA-pki-tomcatd fails to start

[None via FreeIPA-users]

 

Dear,

 I encountered an issue on FreeIPA, could someone give some
suggestion? thanks ahead~

 

ipactl start

Starting Directory Service

Staring krb5kdc service

Staring kadmin Service

…

Starting pki-tomcatd Service

Failed
to start pki-tomcatd server

..

 

The Linux version is CentOS7.2 and IPA version is 4.2.

 

I know I can use “ipactl -f start” to work around this issue,
but I still need to fix it because the issue influence function of 
“ipa-replica-prepare xxx”.

 

Looking into log files under /var/log/pki-tomcat, there are some error
logs. I found some similar issue from others, but not exactly the same with
mine. Mine issue is about cannot create 
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/signedAudit/ca_audit)
successfully. 

Do you know what could be
the root cause?

 

 

Catalina.xxx.log(happened many times):

WARNING: Exception processing realm com.netscape.cms.tomcat.ProxyRealm@291f37e1 
background process

java.lang.NullPointerException

at
com.netscape.cms.tomcat.ProxyRealm.backgroundProcess(ProxyRealm.java:108)

at
org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1360)

at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1530)

at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1540)

at
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1540)

at 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1519)

at java.lang.Thread.run(Thread.java:745)

 

localhost.xxx.log:

Mar 23, 2017 11:49:24 AM
org.apache.catalina.core.ApplicationContext log

SEVERE: StandardWrapper.Throwable

java.lang.NullPointerException

at
com.netscape.cmscore.selftests.SelfTestSubsystem.shutdown(SelfTestSubsystem.java:1875)

at
com.netscape.cmscore.apps.CMSEngine.shutdownSubsystems(CMSEngine.java:1859)

at com.netscape.cmscore.apps.CMSEngine.shutdown(CMSEngine.java:1797)

at
com.netscape.certsrv.apps.CMS.shutdown(CMS.java:233)

at com.netscape.certsrv.apps.CMS.start(CMS.java:1610)

at 
com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:114)

at
javax.servlet.GenericServlet.init(GenericServlet.java:158)

at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:497)

at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277)

at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)

at java.security.AccessController.doPrivileged(Native
Method)

at
javax.security.auth.Subject.doAsPrivileged(Subject.java:549)

at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309)

at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:169)

at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:123)

at
org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1272)

at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1197)

at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1087)

at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5210)

at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5493)

at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)

at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)

at 
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)

at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)

at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)

at java.security.AccessController.doPrivileged(Native
Method)

at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:875)

at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)

at 
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:672)

at
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1862)

at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)

at java.util.concurrent.FutureTask.run(FutureTask.java:266)

at
java.util.concurrent.ThreadP