<div dir="ltr"><br><div>Odd, must have clicked reply instead of reply-all.</div><div><br></div><div>Anyway, I did the revert and re-install. Actual install went through fine then the "ipa-server-install" ran until this:</div><div><br></div><div><div> [8/9]: restoring configuration</div><div> [9/9]: starting directory server</div><div>Done.</div><div>Restarting the directory server</div><div>Restarting the KDC</div><div>Please add records in this file to your DNS system: /tmp/ipa.system.records.v5Jwrt.db</div><div>Restarting the web server</div><div>Configuring client side components</div><div>Using existing certificate '/etc/ipa/ca.crt'.</div><div>Client hostname: <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a></div><div>Realm: <a href="http://RDLG.NET" target="_blank">RDLG.NET</a></div><div>DNS Domain: <a href="http://rdlg.net" target="_blank">rdlg.net</a></div><div>IPA Server: <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a></div><div>BaseDN: dc=rdlg,dc=net</div><div><br></div><div>Skipping synchronizing time with NTP server.</div><div>New SSSD config will be created</div><div>Configured sudoers in /etc/nsswitch.conf</div><div>Configured /etc/sssd/sssd.conf</div><div>trying <a href="https://ipa.rdlg.net/ipa/json" target="_blank">https://ipa.rdlg.net/ipa/json</a></div><div>Forwarding 'schema' to json server '<a href="https://ipa.rdlg.net/ipa/json" target="_blank">https://ipa.rdlg.net/ipa/json</a>'</div><div><br></div></div><div><br></div><div>It's been sitting there for a while ( 4 hours? ) I don't see anyting in the ipaserver-install.log, but it's here: <a href="https://pastebin.com/biK1Dmv7">https://pastebin.com/biK1Dmv7</a></div><div><br></div><div><br></div><br><div class="gmail_quote"><div dir="ltr">On Thu, May 11, 2017 at 8:12 AM Martin Bašti <<a href="mailto:mbasti@redhat.com" target="_blank">mbasti@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>Please keep freeipa-users in CC</p>
<p>Snapshot is always better, so I suggest to use it. Otherwise
there is an option --ignore-last-of-role to unblock
uninstallation.</p></div><div text="#000000" bgcolor="#FFFFFF">
<p>Martin<br>
</p></div><div text="#000000" bgcolor="#FFFFFF">
<br>
<div class="m_-7596477829936920091m_3015502363106090719moz-cite-prefix">On 11.05.2017 16:00, Robert L. Harris
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr"><br>
<div>Looks like you hit it, apache didn't have a group:</div>
<div><br>
</div>
<div>
<div>-- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu
2017-05-11 07:48:27 MDT. --</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]:
Starting The Apache HTTP Server...</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a>
ipa-httpd-kdcproxy[28808]: ipa : INFO KDC proxy
enabled</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> httpd[28809]:
AH00544: httpd: bad group name apache</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]:
httpd.service: main process exited, code=exited,
status=1/FAILURE</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> kill[28812]: kill:
cannot find process ""</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]:
httpd.service: control process exited, code=exited status=1</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: Failed
to start The Apache HTTP Server.</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]: Unit
httpd.service entered failed state.</div>
<div>May 10 20:36:00 <a href="http://ipa.rdlg.net" target="_blank">ipa.rdlg.net</a> systemd[1]:
httpd.service failed.</div>
</div>
<div><br>
</div>
<div>Thanks, didn't know that command. I tried to continue the
process:</div>
<div><br>
</div>
<div>
<div>{0}:/root>ipa-server-install</div>
<div><br>
</div>
<div>The log file for this installation can be found in
/var/log/ipaserver-install.log</div>
<div>ipa.ipapython.install.cli.install_tool(Server): ERROR
IPA server is already configured on this system.</div>
<div>If you want to reinstall the IPA server, please uninstall
it first using 'ipa-server-install --uninstall'.</div>
<div>ipa.ipapython.install.cli.install_tool(Server): ERROR
The ipa-server-install command failed. See
/var/log/ipaserver-install.log for more information</div>
<div><br>
</div>
<div>root@ipa</div>
<div>{1}:/root>ipa-server-install --uninstall</div>
<div><br>
</div>
<div>This is a NON REVERSIBLE operation and will delete all
data and configuration!</div>
<div><br>
</div>
<div>Are you sure you want to continue with the uninstall
procedure? [no]: yes</div>
<div>ipa : ERROR Server removal aborted: Deleting
this server is not allowed as it would leave your
installation without a CA..</div>
<div><br>
</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div>This is a VM and I took a snapshot right before I started
the install, so I can revert, just make sure ti add the apache
user before starting the install. Or if you have a better
command to continue the clean-up/install.....</div>
<div><br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Thu, May 11, 2017 at 2:19 AM Martin Bašti <<a href="mailto:mbasti@redhat.com" target="_blank">mbasti@redhat.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>Hello,</p>
<p>comments inline<br>
</p>
</div>
<div text="#000000" bgcolor="#FFFFFF"> <br>
<div class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968moz-cite-prefix">On
11.05.2017 06:06, Robert L. Harris wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr"><br>
<div>Sigh... Sorry, it's been a long day, I thought I
put that log in the first pastebin. It's in this one:
<a href="https://pastebin.com/18PAXXNS" target="_blank">https://pastebin.com/18PAXXNS</a></div>
</div>
</blockquote>
<br>
</div>
<div text="#000000" bgcolor="#FFFFFF"> Could you please
provide journalctl -u httpd and /var/log/httpd/error_log ?</div>
<div text="#000000" bgcolor="#FFFFFF"><br>
<br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>Also,</div>
<div> Anyone else get the constant spam when mailing
this list? Got an address to block for it?</div>
</div>
</blockquote>
<br>
</div>
<div text="#000000" bgcolor="#FFFFFF"> Sorry for that, there
is a bot mining public archives. We plan to resolve this
issue but it may take time as we are not maintaining our
mailman.<br>
<br>
Martin</div>
<div text="#000000" bgcolor="#FFFFFF"><br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>Robert</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Wed, May 10, 2017 at 9:56 PM Lachlan
Musicman <<a href="mailto:datakid@gmail.com" target="_blank">datakid@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>Robert, did you look in
/var/log/ipaserver-install.log as it says?<br>
<br>
</div>
Was there any other information?<br>
<br>
</div>
cheers<br>
</div>
L.<br>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968m_-1089300851396006504gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>------<br>
"Mission Statement: To provide hope
and inspiration for collective
action, to build collective power,
to achieve collective
transformation, rooted in grief and
rage but pointed towards vision and
dreams."<br>
<br>
- Patrice Cullors, <i>Black Lives
Matter founder</i></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
<div class="gmail_extra">
<div class="gmail_quote">On 11 May 2017 at 13:24,
Robert L. Harris <span dir="ltr"><<a href="mailto:robert.l.harris@gmail.com" target="_blank">robert.l.harris@gmail.com</a>></span>
wrote:<br>
</div>
</div>
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Ok, I gave up on Ubuntu. I'm
now trying the latest CentOS7. I built out a
"minimal server" with some normal base
packages which did include the freeipa-client
but otherwise, just standard tools. Here's a
pastebin of the output of the install: <a href="https://pastebin.com/zAWCgkUU" target="_blank">https://pastebin.com/zAWCgkUU</a><span class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968m_-1089300851396006504HOEnZb"><font color="#888888">
<div><br>
</div>
<div>Robert</div>
<div><br>
</div>
</font></span></div>
<br>
</blockquote>
</div>
</div>
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">--<br>
Manage your subscription for the Freeipa-users
mailing list:<br>
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go to <a href="http://freeipa.org" rel="noreferrer" target="_blank">http://freeipa.org</a>
for more info on the project<br>
</blockquote>
</div>
<br>
</div>
--<br>
Manage your subscription for the Freeipa-users mailing
list:<br>
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go to <a href="http://freeipa.org" rel="noreferrer" target="_blank">http://freeipa.org</a>
for more info on the project</blockquote>
</div>
<br>
<fieldset class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</div>
<div text="#000000" bgcolor="#FFFFFF">
<pre class="m_-7596477829936920091m_3015502363106090719m_-8333958555747432968moz-signature" cols="72">--
Martin Bašti
Software Engineer
Red Hat Czech</pre>
</div>
</blockquote>
</div>
</blockquote>
<br>
<pre class="m_-7596477829936920091m_3015502363106090719moz-signature" cols="72">--
Martin Bašti
Software Engineer
Red Hat Czech</pre>
</div></blockquote></div></div>