<div dir="ltr"><br><div>Odd, must have clicked reply instead of reply-all.</div><div><br></div><div>Anyway, I did the revert and re-install. Actual install went through fine then the "ipa-server-install" ran until this:</div><div><br></div><div><div> [8/9]: restoring configuration</div><div> [9/9]: starting directory server</div><div>Done.</div><div>Restarting the directory server</div><div>Restarting the KDC</div><div>Please add records in this file to your DNS system: /tmp/ipa.system.records.v5Jwrt.db</div><div>Restarting the web server</div><div>Configuring client side components</div><div>Using existing certificate '/etc/ipa/ca.crt'.</div><div>Client hostname: <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a></div><div>Realm: <a href="http://RDLG.NET" target="_blank">RDLG.NET</a></div><div>DNS Domain: <a href="http://rdlg.net" target="_blank">rdlg.net</a></div><div>IPA Server: <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a></div><div>BaseDN: dc=rdlg,dc=net</div><div><br></div><div>Skipping synchronizing time with NTP server.</div><div>New SSSD config will be created</div><div>Configured sudoers in /etc/nsswitch.conf</div><div>Configured /etc/sssd/sssd.conf</div><div>trying <a href="https://ipa.rdlg.net/ipa/json" target="_blank">https://ipa.rdlg.net/ipa/json</a></div><div>Forwarding 'schema' to json server '<a href="https://ipa.rdlg.net/ipa/json" target="_blank">https://ipa.rdlg.net/ipa/json</a>'</div><div><br></div></div><div><br></div><div>It's been sitting there for a while ( 4 hours? ) I don't see anyting in the ipaserver-install.log, but it's here: <a href="https://pastebin.com/biK1Dmv7">https://pastebin.com/biK1Dmv7</a></div><div><br></div><div><br></div><br><div class="gmail_quote"><div dir="ltr">On Thu, May 11, 2017 at 8:12 AM Martin Bašti <<a href="mailto:mbasti@redhat.com" target="_blank">mbasti@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div text="#000000" bgcolor="#FFFFFF"> <p>Please keep freeipa-users in CC</p> <p>Snapshot is always better, so I suggest to use it. Otherwise there is an option --ignore-last-of-role to unblock uninstallation.</p></div><div text="#000000" bgcolor="#FFFFFF"> <p>Martin<br> </p></div><div text="#000000" bgcolor="#FFFFFF"> <br> <div class="m_-7596477829936920091m_3015502363106090719moz-cite-prefix">On 11.05.2017 16:00, Robert L. Harris wrote:<br> </div> <blockquote type="cite"> <div dir="ltr"><br> <div>Looks like you hit it, apache didn't have a group:</div> <div><br> </div> <div> <div>-- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu 2017-05-11 07:48:27 MDT. --</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: Starting The Apache HTTP Server...</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> ipa-httpd-kdcproxy[28808]: ipa : INFO KDC proxy enabled</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> httpd[28809]: AH00544: httpd: bad group name apache</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> kill[28812]: kill: cannot find process ""</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: httpd.service: control process exited, code=exited status=1</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: Failed to start The Apache HTTP Server.</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: Unit httpd.service entered failed state.</div> <div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: httpd.service failed.</div> </div> <div><br> </div> <div>Thanks, didn't know that command. I tried to continue the process:</div> <div><br> </div> <div> <div>{0}:/root>ipa-server-install</div> <div><br> </div> <div>The log file for this installation can be found in /var/log/ipaserver-install.log</div> <div>ipa.ipapython.install.cli.install_tool(Server): ERROR IPA server is already configured on this system.</div> <div>If you want to reinstall the IPA server, please uninstall it first using 'ipa-server-install --uninstall'.</div> <div>ipa.ipapython.install.cli.install_tool(Server): ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information</div> <div><br> </div> <div>root@ipa</div> <div>{1}:/root>ipa-server-install --uninstall</div> <div><br> </div> <div>This is a NON REVERSIBLE operation and will delete all data and configuration!</div> <div><br> </div> <div>Are you sure you want to continue with the uninstall procedure? [no]: yes</div> <div>ipa : ERROR Server removal aborted: Deleting this server is not allowed as it would leave your installation without a CA..</div> <div><br> </div> </div> <div><br> </div> <div><br> </div> <div>This is a VM and I took a snapshot right before I started the install, so I can revert, just make sure ti add the apache user before starting the install. Or if you have a better command to continue the clean-up/install.....</div> <div><br> </div> </div> <br> <div class="gmail_quote"> <div dir="ltr">On Thu, May 11, 2017 at 2:19 AM Martin Bašti <<a href="mailto:mbasti@redhat.com" target="_blank">mbasti@redhat.com</a>> wrote:<br> </div> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div text="#000000" bgcolor="#FFFFFF"> <p>Hello,</p> <p>comments inline<br> </p> </div> <div text="#000000" bgcolor="#FFFFFF"> <br> <div class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968moz-cite-prefix">On 11.05.2017 06:06, Robert L. Harris wrote:<br> </div> <blockquote type="cite"> <div dir="ltr"><br> <div>Sigh... Sorry, it's been a long day, I thought I put that log in the first pastebin. It's in this one: <a href="https://pastebin.com/18PAXXNS" target="_blank">https://pastebin.com/18PAXXNS</a></div> </div> </blockquote> <br> </div> <div text="#000000" bgcolor="#FFFFFF"> Could you please provide journalctl -u httpd and /var/log/httpd/error_log ?</div> <div text="#000000" bgcolor="#FFFFFF"><br> <br> <br> <blockquote type="cite"> <div dir="ltr"> <div><br> </div> <div>Also,</div> <div> Anyone else get the constant spam when mailing this list? Got an address to block for it?</div> </div> </blockquote> <br> </div> <div text="#000000" bgcolor="#FFFFFF"> Sorry for that, there is a bot mining public archives. We plan to resolve this issue but it may take time as we are not maintaining our mailman.<br> <br> Martin</div> <div text="#000000" bgcolor="#FFFFFF"><br> <br> <blockquote type="cite"> <div dir="ltr"> <div><br> </div> <div>Robert</div> <div><br> </div> <div><br> </div> <div><br> </div> </div> <br> <div class="gmail_quote"> <div dir="ltr">On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman <<a href="mailto:datakid@gmail.com" target="_blank">datakid@gmail.com</a>> wrote:<br> </div> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div dir="ltr"> <div> <div> <div>Robert, did you look in /var/log/ipaserver-install.log as it says?<br> <br> </div> Was there any other information?<br> <br> </div> cheers<br> </div> L.<br> </div> <div class="gmail_extra"><br clear="all"> <div> <div class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968m_-1089300851396006504gmail_signature" data-smartmail="gmail_signature"> <div dir="ltr"> <div> <div dir="ltr"> <div> <div dir="ltr"> <div>------<br> "Mission Statement: To provide hope and inspiration for collective action, to build collective power, to achieve collective transformation, rooted in grief and rage but pointed towards vision and dreams."<br> <br> - Patrice Cullors, <i>Black Lives Matter founder</i></div> </div> </div> </div> </div> </div> </div> </div> <br> </div> <div class="gmail_extra"> <div class="gmail_quote">On 11 May 2017 at 13:24, Robert L. Harris <span dir="ltr"><<a href="mailto:robert.l.harris@gmail.com" target="_blank">robert.l.harris@gmail.com</a>></span> wrote:<br> </div> </div> <div class="gmail_extra"> <div class="gmail_quote"> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div dir="ltr">Ok, I gave up on Ubuntu. I'm now trying the latest CentOS7. I built out a "minimal server" with some normal base packages which did include the freeipa-client but otherwise, just standard tools. Here's a pastebin of the output of the install: <a href="https://pastebin.com/zAWCgkUU" target="_blank">https://pastebin.com/zAWCgkUU</a><span class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968m_-1089300851396006504HOEnZb"><font color="#888888"> <div><br> </div> <div>Robert</div> <div><br> </div> </font></span></div> <br> </blockquote> </div> </div> <div class="gmail_extra"> <div class="gmail_quote"> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">--<br> Manage your subscription for the Freeipa-users mailing list:<br> <a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br> Go to <a href="http://freeipa.org" rel="noreferrer" target="_blank">http://freeipa.org</a> for more info on the project<br> </blockquote> </div> <br> </div> --<br> Manage your subscription for the Freeipa-users mailing list:<br> <a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br> Go to <a href="http://freeipa.org" rel="noreferrer" target="_blank">http://freeipa.org</a> for more info on the project</blockquote> </div> <br> <fieldset class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968mimeAttachmentHeader"></fieldset> <br> </blockquote> <br> </div> <div text="#000000" bgcolor="#FFFFFF"> <pre class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968moz-signature" cols="72">-- Martin Bašti Software Engineer Red Hat Czech</pre> </div> </blockquote> </div> </blockquote> <br> <pre class="m_-7596477829936920091m_3015502363106090719moz-signature" cols="72">-- Martin Bašti Software Engineer Red Hat Czech</pre> </div></blockquote></div></div>