[Freeipa-users] krb5kdc service not starting
Gady Notrica
gnotrica at candeal.com
Wed Apr 27 14:36:52 UTC 2016
No changes to /var/log/dirsrv/slapd-IPA-CANDEAL-CA/errors. I am tailing the log file and running those commands doesn’t generate any log, nothing.
[root at cd-p-ipa1 log]# ipactl start
Starting Directory Service
Job for dirsrv at IPA-CANDEAL-CA.service failed because the control process exited with error code. See "systemctl status dirsrv at IPA-CANDEAL-CA.service" and "journalctl -xe" for details.
Failed to start Directory Service: Command ''/bin/systemctl' 'start' 'dirsrv at IPA-CANDEAL-CA.service'' returned non-zero exit status 1
Logs from /var/log/messages
Apr 27 10:26:05 cd-p-ipa1 systemd: Starting 389 Directory Server IPA-CANDEAL-CA....
Apr 27 10:26:05 cd-p-ipa1 ns-slapd: [27/Apr/2016:10:26:05 -0400] dse - The configuration file /etc/dirsrv/slapd-IPA-CANDEAL-CA/dse.ldif was not restored from backup /etc/dirsrv/slapd-IPA-CANDEAL-CA/dse.ldif.tmp, error -1
Apr 27 10:26:05 cd-p-ipa1 ns-slapd: [27/Apr/2016:10:26:05 -0400] dse - The configuration file /etc/dirsrv/slapd-IPA-CANDEAL-CA/dse.ldif was not restored from backup /etc/dirsrv/slapd-IPA-CANDEAL-CA/dse.ldif.bak, error -1
Apr 27 10:26:05 cd-p-ipa1 ns-slapd: [27/Apr/2016:10:26:05 -0400] config - The given config file /etc/dirsrv/slapd-IPA-CANDEAL-CA/dse.ldif could not be accessed, Netscape Portable Runtime error -5950 (File not found.)
[root at cd-p-ipa1 log]# systemctl start dirsrv at IPA-CANDEAL-CA.service
Job for dirsrv at IPA-CANDEAL-CA.service failed because the control process exited with error code. See "systemctl status dirsrv at IPA-CANDEAL-CA.service" and "journalctl -xe" for details.
[root at cd-p-ipa1 log]# systemctl status dirsrv at IPA-CANDEAL-CA.service -l
● dirsrv at IPA-CANDEAL-CA.service - 389 Directory Server IPA-CANDEAL-CA.
Loaded: loaded (/usr/lib/systemd/system/dirsrv at .service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2016-04-27 10:26:17 EDT; 3s ago
Process: 9830 ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i /var/run/dirsrv/slapd-%i.pid -w /var/run/dirsrv/slapd-%i.startpid (code=exited, status=1/FAILURE)
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] dse_read_one_file - The entry cn=schema in file /etc/dirsrv/slapd-IPA-CANDEAL-CA/schema/00core.ldif (lineno: 1) is invalid, error code 21 (Invalid syntax) - attribute type aci: Unknown attribute syntax OID "1.3.6.1.4.1.1466.115.121.1.15"
Apr 27 10:26:17 cd-p-ipa1.ipa.candeal.ca ns-slapd[9830]: [27/Apr/2016:10:26:17 -0400] dse - Please edit the file to correct the reported problems and then restart the server.
[root at cd-p-ipa1 log]#
Gady
From: Ludwig Krispenz [mailto:lkrispen at redhat.com]
Sent: April 27, 2016 10:06 AM
To: Gady Notrica
Cc: Rob Crittenden; freeipa-users at redhat.com
Subject: Re: [Freeipa-users] krb5kdc service not starting
On 04/27/2016 03:48 PM, Gady Notrica wrote:
Hello Ludwig,
I do have only 1 error logs for the 26th in /var/log/dirsrv/slapd-IPA-CANDEAL-CA/errors. Below is the only line I have
[25/Apr/2016:22:34:51 -0400] NSMMReplicationPlugin - windows sync - failed to send dirsync search request: 2
[26/Apr/2016:00:13:01 -0400] - Entry "uid=MMOOREDT$,cn=users,cn=accounts,dc=ipa,dc=candeal,dc=ca" missing attribute "sn" required by object class "person"
[cid:image001.jpg at 01D1A06F.6FD59F60]
I don’t know if that helps.
no. And it is weird that there should be no logs, there were definitely messages logged around 8:50, you provided them via systemctl status dirsrv...
And at least the startup messages should b there
Can you try to start dirsrv again. and check what config settings for errorlog are in your dse.ldif
Gady
From: Ludwig Krispenz [mailto:lkrispen at redhat.com]
Sent: April 27, 2016 3:18 AM
To: Gady Notrica
Cc: Rob Crittenden; freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
Subject: Re: [Freeipa-users] krb5kdc service not starting
On 04/26/2016 09:09 PM, Gady Notrica wrote:
HERE..
[23/Apr/2016:11:39:51 -0400] set_krb5_creds - Could not get initial credentials for principal [ldap/cd-p-ipa1.ipa.domain.local at IPA.DOMAIN.LOCAL<mailto:ldap/cd-p-ipa1.ipa.domain.local at IPA.DOMAIN.LOCAL>] in keytab [FILE:/etc/dirsrv/ds.keytab<FILE:///\\%5C%5Cetc%5Cdirsrv%5Cds.keytab>]: -1765328228 (Cannot contact any KDC for requested realm)
[23/Apr/2016:11:39:51 -0400] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No Kerberos credentials available)) errno 0 (Success)
[23/Apr/2016:11:39:51 -0400] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -2 (Local error)
[23/Apr/2016:11:39:51 -0400] NSMMReplicationPlugin - agmt="cn=meTocd-s-ipa1.ipa.domain.local" (cd-s-ipa1:389): Replication bind with GSSAPI auth failed: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No Kerberos credentials available))
[23/Apr/2016:11:39:51 -0400] - slapd started. Listening on All Interfaces port 389 for LDAP requests
[23/Apr/2016:11:39:51 -0400] - Listening on All Interfaces port 636 for LDAPS requests
[23/Apr/2016:11:39:51 -0400] - Listening on /var/run/slapd-IPA-DOMAIN-LOCAL.socket for LDAPI requests
[23/Apr/2016:11:39:55 -0400] NSMMReplicationPlugin - agmt="cn=meTocd-s-ipa1.ipa.domain.local" (cd-s-ipa1:389): Replication bind with GSSAPI auth resumed
[23/Apr/2016:14:37:27 -0400] NSMMReplicationPlugin - agmt="cn=meTocd-s-ipa1.ipa.domain.local" (cd-s-ipa1:389): Unable to receive the response for a startReplication extended operation to consumer (Can't contact LDAP server). Will retry later.
[23/Apr/2016:14:38:02 -0400] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -1 (Can't contact LDAP server) ((null)) errno 107 (Transport endpoint is not connected)
[23/Apr/2016:14:38:02 -0400] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -1 (Can't contact LDAP server)
[23/Apr/2016:14:38:02 -0400] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -1 (Can't contact LDAP server) ((null)) errno 107 (Transport endpoint is not connected)
[23/Apr/2016:14:38:02 -0400] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -1 (Can't contact LDAP server)
[23/Apr/2016:14:38:02 -0400] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -1 (Can't contact LDAP server) ((null)) errno 107 (Transport endpoint is not connected)
[23/Apr/2016:14:38:02 -0400] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -1 (Can't contact LDAP server)
[23/Apr/2016:14:38:13 -0400] NSMMReplicationPlugin - agmt="cn=meTocd-s-ipa1.ipa.domain.local" (cd-s-ipa1:389): Replication bind with GSSAPI auth resumed
[25/Apr/2016:22:34:51 -0400] NSMMReplicationPlugin - windows sync - failed to send dirsync search request: 2
these are old logs, the problem you were reporting was on Apr, 26:
Apr 26 08:50:21 cd-p-ipa1.ipa.candeal.ca ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] dse_read_one_file - The entry cn=schema in file /etc/dirsrv/slapd-IPA-CANDEAL-CA/schema/00core.ldif (lineno: 1) is invalid, error code 21 (Invalid syntax) - attribute type aci: Unknown attribute syntax OID "1.3.6.1.4.1.1466.115.121.1.15"
Apr 26 08:50:21 cd-p-ipa1.ipa.candeal.ca ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] dse - Please edit the file to correct the reported problems and then restart the server.
we need the logs from that time
Gady
-----Original Message-----
From: Rob Crittenden [mailto:rcritten at redhat.com]
Sent: April 26, 2016 2:44 PM
To: Gady Notrica; Ludwig Krispenz; freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
Subject: Re: [Freeipa-users] krb5kdc service not starting
Gady Notrica wrote:
> Hey world,
>
> Any ideas?
What about the first part of Ludwig's question: Is there anything in the 389-ds error log?
rob
>
> Gady
>
> -----Original Message-----
> From: freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com>
> [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Gady Notrica
> Sent: April 26, 2016 10:10 AM
> To: Ludwig Krispenz; freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
> Subject: Re: [Freeipa-users] krb5kdc service not starting
>
> No, no changes. Lost connectivity with my VMs during the night
> (networking issues in datacenter)
>
> Reboot the server and oups, no IPA is coming up... The replica (secondary server) is fine though.
>
> Gady Notrica
>
> -----Original Message-----
> From: freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com>
> [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Ludwig Krispenz
> Sent: April 26, 2016 10:02 AM
> To: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
> Subject: Re: [Freeipa-users] krb5kdc service not starting
>
>
> On 04/26/2016 03:26 PM, Gady Notrica wrote:
>> Here...
>>
>> [root at cd-p-ipa1 log]# ipactl status
>> Directory Service: STOPPED
>> Directory Service must be running in order to obtain status of other
>> services
>> ipa: INFO: The ipactl command was successful
>>
>> [root at cd-p-ipa1 log]# systemctl status dirsrv at IPA-DOMAIN-LOCAL.service<mailto:dirsrv at IPA-CANDEAL-CA.service>
>> -l ● dirsrv at IPA-DOMAIN-LOCAL.service<mailto:dirsrv at IPA-DOMAIN-LOCAL.service> - 389 Directory Server IPA-DOMAIN-LOCAL.
>> Loaded: loaded (/usr/lib/systemd/system/dirsrv at .service<mailto:/usr/lib/systemd/system/dirsrv at .service>; enabled; vendor preset: disabled)
>> Active: failed (Result: exit-code) since Tue 2016-04-26 08:50:21 EDT; 30min ago
>> Process: 6333 ExecStart=/usr/sbin/ns-slapd -D
>> /etc/dirsrv/slapd-%i -i /var/run/dirsrv/slapd-%i.pid -w
>> /var/run/dirsrv/slapd-%i.startpid (code=exited, status=1/FAILURE)
>>
>> Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]:
>> [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp:
>> slapi_attr_values2keys_sv failed for type attributetypes Apr 26
>> 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]:
>> [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp:
>> slapi_attr_values2keys_sv failed for type attributetypes Apr 26
>> 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]:
>> [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp:
>> slapi_attr_values2keys_sv failed for type attributetypes Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] - valueset_value_syntax_cmp: slapi_attr_values2keys_sv failed for type attributetypes Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016!
:08:50:21
-0400] dse_read_one_file - The entry cn=schema in file /etc/dirsrv/slapd-IPA-DOMAIN-LOCAL/schema/00core.ldif (lineno: 1) is invalid, error code 21 (Invalid syntax) - attribute type aci: Unknown attribute syntax OID "1.3.6.1.4.1.1466.115.121.1.15"
>> Apr 26 08:50:21 cd-p-ipa1.ipa.domain.local ns-slapd[6333]: [26/Apr/2016:08:50:21 -0400] dse - Please edit the file to correct the reported problems and then restart the server.
> this says the server doesn't know a syntax oid, but it is a known one.
> It could be that the syntax plugings couldn't be loaded. Thera are more errors before, could you check where the errors start in /var/log/dirsrv/slapd-<INSTANCE>/errors ?
>
> And, did you do any changes to the system before this problem started ?
>> [root at cd-p-ipa1 log]#
>>
>> Gady
>>
>> -----Original Message-----
>> From: freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com>
>> [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Martin
>> Babinsky
>> Sent: April 26, 2016 9:17 AM
>> To: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
>> Subject: Re: [Freeipa-users] krb5kdc service not starting
>>
>> On 04/26/2016 03:13 PM, Gady Notrica wrote:
>>> Hello world,
>>>
>>>
>>>
>>> I am having issues this morning with my primary IPA. See below the
>>> details in the logs and command result. Basically, krb5kdc service
>>> not starting - krb5kdc: Server error - while fetching master key.
>>>
>>>
>>>
>>> DNS is functioning. See below dig result. I have a trust with Windows AD.
>>>
>>>
>>>
>>> Please help…!
>>>
>>>
>>>
>>> [root at cd-ipa1 log]# systemctl status krb5kdc.service -l
>>>
>>> ● krb5kdc.service - Kerberos 5 KDC
>>>
>>> Loaded: loaded (/usr/lib/systemd/system/krb5kdc.service;
>>> disabled; vendor preset: disabled)
>>>
>>> Active: failed (Result: exit-code) since Tue 2016-04-26
>>> 08:27:52 EDT; 41min ago
>>>
>>> Process: 3694 ExecStart=/usr/sbin/krb5kdc -P
>>> /var/run/krb5kdc.pid $KRB5KDC_ARGS (code=exited, status=1/FAILURE)
>>>
>>>
>>>
>>> Apr 26 08:27:52 cd-ipa1.ipa.domain.localsystemd[1]: Starting
>>> Kerberos
>>> 5 KDC...
>>>
>>> Apr 26 08:27:52 cd-ipa1.ipa.domain.localkrb5kdc[3694]: krb5kdc:
>>> cannot initialize realm IPA.DOMAIN.LOCAL- see log file for details
>>>
>>> Apr 26 08:27:52 cd-ipa1.ipa.domain.localsystemd[1]: krb5kdc.service:
>>> control process exited, code=exited status=1
>>>
>>> Apr 26 08:27:52 cd-ipa1.ipa.domain.localsystemd[1]: Failed to start
>>> Kerberos 5 KDC.
>>>
>>> Apr 26 08:27:52 cd-ipa1.ipa.domain.localsystemd[1]: Unit
>>> krb5kdc.service entered failed state.
>>>
>>> Apr 26 08:27:52 cd-ipa1.ipa.domain.localsystemd[1]: krb5kdc.service failed.
>>>
>>> [root at cd-ipa1 log]#
>>>
>>>
>>>
>>> Errors in /var/log/krb5kdc.log
>>>
>>>
>>>
>>> krb5kdc: Server error - while fetching master key K/M for realm
>>> DOMAIN.LOCAL
>>>
>>> krb5kdc: Server error - while fetching master key K/M for realm
>>> DOMAIN.LOCAL
>>>
>>> krb5kdc: Server error - while fetching master key K/M for realm
>>> DOMAIN.LOCAL
>>>
>>>
>>>
>>> [root at cd-ipa1 log]# systemctl status httpd -l
>>>
>>> ● httpd.service - The Apache HTTP Server
>>>
>>> Loaded: loaded (/etc/systemd/system/httpd.service; disabled;
>>> vendor
>>> preset: disabled)
>>>
>>> Active: failed (Result: exit-code) since Tue 2016-04-26
>>> 08:27:21 EDT; 39min ago
>>>
>>> Docs: man:httpd(8)<man:httpd%288%29>
>>>
>>> man:apachectl(8)<man:apachectl%288%29>
>>>
>>> Process: 3594 ExecStartPre=/usr/libexec/ipa/ipa-httpd-kdcproxy
>>> (code=exited, status=1/FAILURE)
>>>
>>>
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.localipa-httpd-kdcproxy[3594]:
>>> File "/usr/lib/python2.7/siteackages/ipapython/ipaldap.py", line
>>> 1579, in __wait_for_connection
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.local ipa-httpd-kdcproxy[3594]:
>>> wait_for_open_socket(lurl.hostport, timeout)
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.local ipa-httpd-kdcproxy[3594]:
>>> File "/usr/lib/python2.7/siteackages/ipapython/ipautil.py", line
>>> 1200, in wait_for_open_socket
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.local ipa-httpd-kdcproxy[3594]:
>>> raise e
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.local ipa-httpd-kdcproxy[3594]:
>>> error: [Errno 2] No such file or directory
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.local ipa-httpd-kdcproxy[3594]:
>>> ipa : ERROR Unknown error while retrieving setting from
>>> ldapi://%2fvar%2frun%2fslapd-IPA-DOMAIN-LOCAL.socket: [Errno 2] No
>>> such file or directory
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.localsystemd[1]: httpd.service:
>>> control process exited, code=exited status=1
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.localsystemd[1]: Failed to start
>>> The Apache HTTP Server.
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.localsystemd[1]: Unit
>>> httpd.service entered failed state.
>>>
>>> Apr 26 08:27:21 cd-ipa1.ipa.domain.localsystemd[1]: httpd.service failed.
>>>
>>> [root at cd-ipa1 log]#
>>>
>>>
>>>
>>>
>>>
>>> DNS Result for dig redhat.com
>>>
>>>
>>>
>>> ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> redhat.com
>>>
>>> ;; global options: +cmd
>>>
>>> ;; Got answer:
>>>
>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5414
>>>
>>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL:
>>> 2
>>>
>>>
>>>
>>> ;; OPT PSEUDOSECTION:
>>>
>>> ; EDNS: version: 0, flags:; udp: 4096
>>>
>>> ;; QUESTION SECTION:
>>>
>>> ;redhat.com. IN A
>>>
>>>
>>>
>>> ;; ANSWER SECTION:
>>>
>>> redhat.com. 60 IN A 209.132.183.105
>>>
>>>
>>>
>>> ;; AUTHORITY SECTION:
>>>
>>> . 849 IN NS f.root-servers.net.
>>>
>>> . 849 IN NS e.root-servers.net.
>>>
>>> . 849 IN NS k.root-servers.net.
>>>
>>> . 849 IN NS m.root-servers.net.
>>>
>>> . 849 IN NS b.root-servers.net.
>>>
>>> . 849 IN NS g.root-servers.net.
>>>
>>> . 849 IN NS c.root-servers.net.
>>>
>>> . 849 IN NS h.root-servers.net.
>>>
>>> . 849 IN NS l.root-servers.net.
>>>
>>> . 849 IN NS a.root-servers.net.
>>>
>>> . 849 IN NS j.root-servers.net.
>>>
>>> . 849 IN NS i.root-servers.net.
>>>
>>> . 849 IN NS d.root-servers.net.
>>>
>>>
>>>
>>> ;; ADDITIONAL SECTION:
>>>
>>> j.root-servers.net. 3246 IN A 192.58.128.30
>>>
>>>
>>>
>>> ;; Query time: 79 msec
>>>
>>> ;; SERVER: 10.20.10.41#53(10.20.10.41)
>>>
>>> ;; WHEN: Tue Apr 26 09:02:43 EDT 2016
>>>
>>> ;; MSG SIZE rcvd: 282
>>>
>>>
>>>
>>> Gady
>>>
>>>
>>>
>>>
>>>
>> It seems like Directory server is not running. Can you post result of 'ipactl status' and 'systemctl status dirsrv at IPA-DOMAIN-LOCAL.service<mailto:dirsrv at IPA-CANDEAL-CA.service>'?
>>
>> --
>> Martin^3 Babinsky
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
>
> --
> Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
> Commercial register: Amtsgericht Muenchen, HRB 153243, Managing
> Directors: Paul Argiry, Charles Cachera, Michael Cunningham, Michael
> O'Neill
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
--
Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Paul Argiry, Charles Cachera, Michael Cunningham, Michael O'Neill
--
Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Paul Argiry, Charles Cachera, Michael Cunningham, Michael O'Neill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160427/f624a6c4/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 7126 bytes
Desc: image001.jpg
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160427/f624a6c4/attachment.jpg>
More information about the Freeipa-users
mailing list