[Freeipa-users] IdM failing to install after reconfiguring server.

2014-10-06 Thread Licause, Al (CSC AMS BCS - UNIX/Linux Network Support)


My appologies if this is a repeat but for some reason Outlook has seen fit to 
delete or
possibly hide the folder in which have saved my entries from this subject.

I have reconfigured a RHEL V7 system so as to exist in a different subnet and 
domain
from our AD server to allow us to create trust domains between a linux and a 
windows
domain.

I have rebooted the system and now when I try to run a fresh install using
ipa-system-install --uninstall followed by ipa-system-install I get the 
following error:


Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 
seconds
  [1/22]: creating certificate server user
  [2/22]: configuring certificate server instance
ipa : CRITICAL failed to configure ca instance Command 
'/usr/sbin/pkispawn -s CA -f /tmp/tmpMmhbtg' returned non-zero exit status 1
Configuration of CA failed

Can anyone suggest what is failing and how we can go about fixing this ?

Thanks
Al


Al Licause
CSC Americas BCS Technical Specialist
HP Customer Support Center
Hours 5am-2pm Pacific time USA
Manager: mark.bai...@hp.com

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Re: [Freeipa-users] IdM failing to install after reconfiguring server.

2014-10-06 Thread Rob Crittenden
Licause, Al (CSC AMS BCS - UNIX/Linux Network Support) wrote:
  
 
 My appologies if this is a repeat but for some reason Outlook has seen
 fit to delete or
 
 possibly hide the folder in which have saved my entries from this subject.
 
  
 
 I have reconfigured a RHEL V7 system so as to exist in a different
 subnet and domain
 
 from our AD server to allow us to create trust domains between a linux
 and a windows
 
 domain.   
 
  
 
 I have rebooted the system and now when I try to run a fresh install using
 
 ipa-system-install --uninstall followed by ipa-system-install I get the
 following error:
 
  
 
  
 
 Done configuring directory server (dirsrv).
 
 Configuring certificate server (pki-tomcatd): Estimated time 3 minutes
 30 seconds
 
   [1/22]: creating certificate server user
 
   [2/22]: configuring certificate server instance
 
 ipa : CRITICAL failed to configure ca instance Command
 '/usr/sbin/pkispawn -s CA -f /tmp/tmpMmhbtg' returned non-zero exit status 1
 
 Configuration of CA failed
 
  
 
 Can anyone suggest what is failing and how we can go about fixing this ?

You need to look in /var/log/ipaserver-install.log and perhaps
/var/log/pki/pki-tomcat/ca/debug for more details.

rob

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project


Re: [Freeipa-users] IdM failing to install after reconfiguring server.

2014-10-06 Thread Dmitri Pal
On 10/06/2014 04:55 PM, Licause, Al (CSC AMS BCS - UNIX/Linux Network 
Support) wrote:


My appologies if this is a repeat but for some reason Outlook has seen 
fit to delete or


possibly hide the folder in which have saved my entries from this subject.

I have reconfigured a RHEL V7 system so as to exist in a different 
subnet and domain


from our AD server to allow us to create trust domains between a linux 
and a windows


domain.

I have rebooted the system and now when I try to run a fresh install 
using


ipa-system-install --uninstall followed by ipa-system-install I get 
the following error:


Done configuring directory server (dirsrv).

Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 
30 seconds


[1/22]: creating certificate server user

[2/22]: configuring certificate server instance

ipa : CRITICAL failed to configure ca instance Command 
'/usr/sbin/pkispawn -s CA -f /tmp/tmpMmhbtg' returned non-zero exit 
status 1


Configuration of CA failed

Can anyone suggest what is failing and how we can go about fixing this ?



I think you hit this before in the other mail thread and it was 
recommended to do:


pkidestroy -s CA -i pki-tomcat
rm -rf /var/log/pki/pki-tomcat
rm -rf /etc/sysconfig/pki-tomcat
rm -rf /etc/sysconfig/pki/tomcat/pki-tomcat
rm -rf /var/lib/pki/pki-tomcat
rm -rf /etc/pki/pki-tomcat


Thanks

Al

*Al Licause*

*CSC Americas BCS Technical Specialist*

*HP Customer Support Center*

*Hours 5am-2pm Pacific time USA*

*Manager: mark.bai...@hp.com*






--
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project