On 10/27/2014 06:13 AM, Innes, Duncan wrote:
Hi,
Have been using `ping` to test connectivity from our clients to the
various IPA servers around the WAN before running an ldapsearch to
pull some details about the client from the LDAP database.
Several new VLAN's have now come online that do not permit ping
traffic to be transmitted outside the VLAN, so clients on these LAN's
think they can't see any of my IPA servers and then fail the domain
join during the kickstart phase.
Wondering if there's a consensus on how to check connectivity to IPA
servers on the network? Something that I can use during the kickstart
post-install phase.
Current effort is:
wget --timeout=1 --tries=1 --no-check-certificate
https://ipaserver1.example.com
and then test $? for result. But this only tests ports 80/443 - which
authentication clients wont necessarily have access on. Can I
reliably test the other FreeIPA ports? 389, 636,
389: ldapsearch -xLLL -h ipaserver1.example.com -p 389 -s base -b
636: LDAPTLS_REQCERT=never ldapsearch -xLLL -H
ldaps://ipaserver1.example.com -s base -b
88, 464? These are the ports that clients have to be allowed access
to the IPA servers.
Cheers
Duncan
This message has been checked for viruses and spam by the Virgin Money
email scanning system powered by Messagelabs.
This e-mail is intended to be confidential to the recipient. If you
receive a copy in error, please inform the sender and then delete this
message.
Virgin Money plc - Registered in England and Wales (Company no.
6952311). Registered office - Jubilee House, Gosforth, Newcastle upon
Tyne NE3 4PL. Virgin Money plc is authorised by the Prudential
Regulation Authority and regulated by the Financial Conduct Authority
and the Prudential Regulation Authority.
The following companies also trade as Virgin Money. They are both
authorised and regulated by the Financial Conduct Authority, are
registered in England and Wales and have their registered office at
Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL: Virgin Money
Personal Financial Service Limited (Company no. 3072766) and Virgin
Money Unit Trust Managers Limited (Company no. 3000482).
For further details of Virgin Money group companies please visit our
website at virginmoney.com
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project