[Freeipa-users] EXTERNAL: Re: NIS Compat issues

Dmitri Pal dpal at redhat.com
Thu Jan 2 17:37:43 UTC 2014 

On 01/02/2014 12:30 PM, Joseph, Matthew (EXP) wrote:
>
> Hello,
>
>  
>
> All of the IPA services are running.
>
> When I tried running the ipa-compat-manage enable and ipa-nis-manage
> enable they are both loaded and running.
>

Have you checked the logs to confirm that the DS server actually loaded
the plugins?

> The firewall is not the issue, I am positive about that.
>
>  
>
> What do you mean by looking at the compat tree from the IPA server?
>

I mean doing an ldapsearch operation against cn=compat,... sub tree by
running it on the server. Just to see if it returns any data. If it does
then the server is probably OK and this is the client that can't connect
due to FW or DNS.
>
>  
>
> Matt
>
>  
>
> *From:*freeipa-users-bounces at redhat.com
> [mailto:freeipa-users-bounces at redhat.com] *On Behalf Of *Dmitri Pal
> *Sent:* Thursday, January 02, 2014 12:13 PM
> *To:* freeipa-users at redhat.com
> *Subject:* EXTERNAL: Re: [Freeipa-users] NIS Compat issues
>
>  
>
> On 01/02/2014 11:05 AM, Joseph, Matthew (EXP) wrote:
>
> Hello,
>
>  
>
> I've recently had to restart my IPA servers and my NIS compatibility
> mode has stopped working.
>
> I've configured my IPA server to run in NIS compatibility mode by
> doing the following.
>
> [root at ipaserver ~]# ipa-nis-manage enable
>
> [root at ipaserver ~]# ipa-compat-manage enable
>
> Restart the DNS and Directory Server service:
>
> [root at server ~]# service restart rpcbind
>
> [root at server ~]# service restart dirsrv
>
> On my NIS clients I have the following setup in the yp.conf file.
>
> domain                 domainname.ca              
> server                   ipaservername.domainname.ca
>
>  
>
> I tried just running the broadcast option but with no luck.
>
>  
>
>  
>
> When I try to do a service ypbind start on my NIS clients it takes a
> few minutes to finally fail.
>
> When I tried an yptest says "Can't communicate with ypbind" which
> makes sense since ypbind will not start.
>
>  
>
> On the NIS client in the messages file it says the following;
>
> Ypbind: broadcast: RPC: Timed Out
>
> Cannot bind UDP: Address already in use
>
>  
>
> Nothing has changed on my IPA server/configuration so I have no idea
> why this stopped working.
>
> Any suggestions?
>
>
> Please check if the IPA is running, the DS is running. Check the logs
> that the compat plugin is loaded and working.
> You can also try looking at the compat tree from the server itself to
> verify that the plugin, at least the DS part is functional.
>
> This generally smells as a firewall issue but I have not way to prove
> or disprove the theory.
>
>
>  
>
> Matt
>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
>
> -- 
> Thank you,
> Dmitri Pal
>  
> Sr. Engineering Manager for IdM portfolio
> Red Hat Inc.
>  
>  
> -------------------------------
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/ <http://www.redhat.com/carveoutcosts/>
>  
>  


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140102/39e68774/attachment.htm>

More information about the Freeipa-users mailing list