[Freeipa-users] ipa-server-install and ipactl fails after reboot
Andreas Calminder
andreas.calminder at nordnet.se
Mon Sep 28 11:14:21 UTC 2015
Solved this on my own.
In case anyone else hits this on rhel7 ipa-server 4.1.0-18, just start
the dirsrv and tomcat instances by hand:
# systemctl start dirsrv at REALM.NAME
# systemctl start pki-tomcatd at pki-tomcat.service
and then run your installer again:
# ipa-server-install --external-cert-file=ca_chain_and_ipa_cert.pem
Sorry for the noise!
/andreas
On 09/28/2015 12:27 PM, Andreas Calminder wrote:
> Hello,
> I have a really strange problem while installing the ipa-server. I've
> installed the server like this:
> # ipa-server-install --idstart=76400000 -N --realm=DOMAIN.TLD
> --hostname=idm1.sub.domain.tld -n domain.tld --external-ca
> --external-ca-type=ms-cs
>
> I get he csr and send it off to our AD admin, I poweroff the machine
> and take a snapshot, because you know, if anything goes wrong I want a
> clean snapshot. I startup the machine and try to run the installer a
> second time, like suggested by the installer:
> # ipa-server-install --external-cert-file=/tmp/ipa.crt
> --external-cert-file=/tmp/ca_chain.crt
>
> It fails with Unable to access directory server: Can't contact ldap
> server.
>
> Ok, fine because it wasn't started after reboot.
>
> # ipactl start
> Starting Directory Service
> Failed to read data from service file: Failed to get list of services
> to probe status!
> Configured hostname 'idm1.sub.domain.tld' does not match any master
> server in LDAP:
> idm1.sub.domain.tld
> Shutting down
>
> I reverted back to my snapshot, I still get the same error message. I
> can start the dirsrv without problem with systemctl start
> dirsrv at DOMAIN-TLD.
>
> Running ipactl -d:
> ipactl -d status
> ipa: DEBUG: importing all plugin modules in
> '/usr/lib/python2.7/site-packages/ipalib/plugins'...
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/idviews.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/otptoken.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/otptoken_yubikey.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py'
> ipa: DEBUG: Starting external process
> ipa: DEBUG: args='klist' '-V'
> ipa: DEBUG: Process finished, return code=0
> ipa: DEBUG: stdout=Kerberos 5 version 1.12.2
>
> ipa: DEBUG: stderr=
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/radiusproxy.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/rpcclient.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py'
> ipa: DEBUG: importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py'
> ipa: DEBUG: Starting external process
> ipa: DEBUG: args='/bin/systemctl' 'is-active' 'dirsrv at DOMAIN-TLD.service'
> ipa: DEBUG: Process finished, return code=0
> ipa: DEBUG: stdout=active
>
> ipa: DEBUG: stderr=
> ipa: DEBUG: Starting external process
> ipa: DEBUG: args='/bin/systemctl' 'is-active' 'dirsrv at DOMAIN-TLD.service'
> ipa: DEBUG: Process finished, return code=0
> ipa: DEBUG: stdout=active
>
> ipa: DEBUG: stderr=
> ipa: DEBUG: flushing ldapi://%2fvar%2frun%2fslapd-NORDNET-SE.socket
> from SchemaCache
> ipa: DEBUG: retrieving schema for SchemaCache
> url=ldapi://%2fvar%2frun%2fslapd-DOMAIN-TLD.socket
> conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x1b483b0>
> ipa: DEBUG: File
> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py",
> line 646, in run_script
> return_value = main_function()
>
> File "/usr/sbin/ipactl", line 517, in main
> ipa_status(options)
>
> File "/usr/sbin/ipactl", line 439, in ipa_status
> raise e
>
> ipa: DEBUG: The ipactl command failed, exception: IpactlError: Failed
> to get list of services to probe status!
> Configured hostname 'idm1.sub.domain.tld' does not match any master
> server in LDAP:
> idm1.sub.domain.tld
> Failed to get list of services to probe status!
> Configured hostname 'idm1.sub.domain.tld' does not match any master
> server in LDAP:
> idm1.sub.domain.tld
>
> Any help or pointers greatly appreciated!
>
> Regards,
> Andreas
>
More information about the Freeipa-users
mailing list