Joshua J. Kugler wrote:
On Wednesday, June 19, 2013 16:34:31 Joshua J. Kugler wrote:
Check SSH connection to remote master
Execute check on remote master
Remote master check failed with following error message(s):
bash: /usr/sbin/ipa-replica-conncheck: No such file or directory
Connection
On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
export LDAPTLS_CACERT=/etc/ipa/ca.crt; ipa-replica-install --setup-ca -N
replica-info-ipan.lab.whamcloud.com.gpg --skip-conncheck
Same error message.
I'm lost. Help?
This is unrelated to passing in the CA certificate.
We'd
On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
We'd need to see /var/log/ipareplica-install.log to see what the LDAP
error is. If you look on the remote master DS access log it may have
additional information on what was requested.
Logs attached.
10.10.0.50 is the new replica.
No
On 06/21/2013 02:39 PM, Joshua J. Kugler wrote:
On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
We'd need to see /var/log/ipareplica-install.log to see what the LDAP
error is. If you look on the remote master DS access log it may have
additional information on what was requested.
Logs
On Friday, June 21, 2013 14:46:50 Rich Megginson wrote:
On 06/21/2013 02:39 PM, Joshua J. Kugler wrote:
On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
We'd need to see /var/log/ipareplica-install.log to see what the LDAP
error is. If you look on the remote master DS access log it
On 06/21/2013 02:50 PM, Joshua J. Kugler wrote:
On Friday, June 21, 2013 14:46:50 Rich Megginson wrote:
On 06/21/2013 02:39 PM, Joshua J. Kugler wrote:
On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
We'd need to see /var/log/ipareplica-install.log to see what the LDAP
error is. If
Joshua J. Kugler wrote:
On Friday, June 21, 2013 14:46:50 Rich Megginson wrote:
On 06/21/2013 02:39 PM, Joshua J. Kugler wrote:
On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
We'd need to see /var/log/ipareplica-install.log to see what the LDAP
error is. If you look on the remote
Thank you so much! A few questions below.
On Wednesday, June 19, 2013 08:46:06 Martin Kosek wrote:
This is the migration plan that should work:
0) We have IPA server(s) of aging version (2.0 in your case)
1) On one of your servers, create a replica (ipa-replica-prepare) and copy
the
Joshua J. Kugler wrote:
Thank you so much! A few questions below.
On Wednesday, June 19, 2013 08:46:06 Martin Kosek wrote:
This is the migration plan that should work:
0) We have IPA server(s) of aging version (2.0 in your case)
1) On one of your servers, create a replica
So, first roadblock encountered.
One of the reasons we're migrating off of this machine (besides the fact that
it is OLD) is that root CA cert has expired (the one used by Tomcat), and so
far I haven't found any documentation on renewing it. Well that presents a
problem (see attached).
It
Hit more glitches. As to the expired CA cert, I set the clock back, then ran
ipa-replica-prepare. That got me the bundle.
Took that to the new one.
Tried running
ipa-replica-install --setup-ca -N replica-info-ipan.lab.whamcloud.com.gpg
But that gave me:
snip
Connection from replica to
OK, getting further. Turns out the admin password wasn't really reset when I
thought it was reset.
So, this command:
ipa-replica-install --setup-ca -N replica-info-ipan.lab.whamcloud.com.gpg
produces a bunch of encouraging output until it hits this:
Check SSH connection to remote master
We are migrating from an ancient FreeIPA 2.0 server to a 3.1.5 server. Is
there a documented procedure to export all the data from the 2.0 server and
import it into the 3.1.5 server?
If I copy files over (PKI DB, main IPA DB, Kerberos stuff), will they be
upgraded on next restart, or is it
13 matches
Mail list logo