[Freeipa-users] Test connectivity before joining domain

Rich Megginson rmeggins at redhat.com
Mon Oct 27 13:30:39 UTC 2014

On 10/27/2014 06:13 AM, Innes, Duncan wrote:
> Hi,
> Have been using `ping` to test connectivity from our clients to the 
> various IPA servers around the WAN before running an ldapsearch to 
> pull some details about the client from the LDAP database.
> Several new VLAN's have now come online that do not permit ping 
> traffic to be transmitted outside the VLAN, so clients on these LAN's 
> think they can't see any of my IPA servers and then fail the domain 
> join during the kickstart phase.
> Wondering if there's a consensus on how to check connectivity to IPA 
> servers on the network?  Something that I can use during the kickstart 
> post-install phase.
> Current effort is:
> wget --timeout=1 --tries=1 --no-check-certificate 
> https://ipaserver1.example.com
> and then test $? for result.  But this only tests ports 80/443 - which 
> authentication clients wont necessarily have access on.  Can I 
> reliably test the other FreeIPA ports?  389, 636,

389: ldapsearch -xLLL -h ipaserver1.example.com -p 389 -s base -b ""

636: LDAPTLS_REQCERT=never ldapsearch -xLLL -H 
ldaps://ipaserver1.example.com -s base -b ""

> 88, 464?  These are the ports that clients have to be allowed access 
> to the IPA servers.
> Cheers
> Duncan
> This message has been checked for viruses and spam by the Virgin Money 
> email scanning system powered by Messagelabs.
> This e-mail is intended to be confidential to the recipient. If you 
> receive a copy in error, please inform the sender and then delete this 
> message.
> Virgin Money plc - Registered in England and Wales (Company no. 
> 6952311). Registered office - Jubilee House, Gosforth, Newcastle upon 
> Tyne NE3 4PL. Virgin Money plc is authorised by the Prudential 
> Regulation Authority and regulated by the Financial Conduct Authority 
> and the Prudential Regulation Authority.
> The following companies also trade as Virgin Money. They are both 
> authorised and regulated by the Financial Conduct Authority, are 
> registered in England and Wales and have their registered office at 
> Jubilee House, Gosforth, Newcastle upon Tyne NE3 4PL: Virgin Money 
> Personal Financial Service Limited (Company no. 3072766) and Virgin 
> Money Unit Trust Managers Limited (Company no. 3000482).
> For further details of Virgin Money group companies please visit our 
> website at virginmoney.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141027/a0bf6c9f/attachment.htm>

More information about the Freeipa-users mailing list