On Tue, Feb 28, 2017 at 4:26 AM, Standa Laznicka wrote:
> On 02/27/2017 04:51 PM, Steve Huston wrote:
>> It seems there might be two issues here; the one I originally reported
>> was that the ipa-server packages installed on a client machine are
>> unable to talk to the
On 02/27/2017 04:51 PM, Steve Huston wrote:
On Mon, Feb 27, 2017 at 5:56 AM, Standa Laznicka wrote:
Sorry for the hold up. Two questions - is this domain level 1 or 0 (you can
run `ipa domainlevel-get` on the master if you don't know)? Did you have a
client installed prior
On Mon, Feb 27, 2017 at 5:56 AM, Standa Laznicka wrote:
> Sorry for the hold up. Two questions - is this domain level 1 or 0 (you can
> run `ipa domainlevel-get` on the master if you don't know)? Did you have a
> client installed prior to ipa-replica-install?
It's level 1.
On 02/24/2017 08:38 PM, Steve Huston wrote:
So, I tried a different tack. Took my bare VM configured as an IPA
client, did a 'yum install ipa-server' and edited the cainstance.py
file to fix the IPv6 issue. Then, without adding the host to
ipaservers in the webui, I simply tried to promote it:
So, I tried a different tack. Took my bare VM configured as an IPA
client, did a 'yum install ipa-server' and edited the cainstance.py
file to fix the IPv6 issue. Then, without adding the host to
ipaservers in the webui, I simply tried to promote it:
# kinit admin
Password for
On Fri, Feb 24, 2017 at 2:31 AM, Standa Laznicka wrote:
> Hello,
> I don't quite understand your situation - have the error happened during an
> addition of the host to the "ipaservers" group or during replica
> installation?
It was during the addition of the host. In fact,
Hello,
I don't quite understand your situation - have the error happened during
an addition of the host to the "ipaservers" group or during replica
installation?
Certutil is a wonderful piece of software that returns
"(SEC_ERROR_LEGACY_DATABASE)" in about 90% of most common cases but I
have
I already had to do that previously to get other things to work; I had
solved it by changing line 582 of
/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py from
"::1" to "localhost" before installing the server. I did do this on
the to-be-promoted client as well, to no avail.
On
Steve Huston wrote:
> Next stage of my testing was to make a replica of the FreeIPA server,
> and I started by doing a 'yum install ipa-server' and then moved on to
> adding the host to the ipaservers group. This fails every time
> however, with the error:
>
> ipa: ERROR: cannot connect to
>