For example, when my idm.lab.lab main free ipa server is active, when I ssh from ipa clients, the username and password screen comes very quickly and I can log in. However, when I disconnect my idm.lab.lab main free ipa server for testing, my replica free ipa server idm02.lab.lab automatically activates, but when I ssh from ipa clients, after entering the username, the password screen takes about 15 seconds on average. there is an abnormal situation here. I wonder if my ipa clients are connecting to the nfs servers with autofs, could this be the reason? But there is no problem with my idm.lab.lab free ipa main server. I am having this problem only on the replica free ipa server.
Which parts should I check to solve this problem? thankyou. Rob Crittenden <[email protected]>, 25 Eki 2023 Çar, 16:34 tarihinde şunu yazdı: > Alper AYKUT via FreeIPA-users wrote: > > I disconnected the main server to do a test. The replica server comes up > > automatically but it is very slow. What could be the reason for this, > > what could I be missing? > > What exactly does slow mean? > > rob > > > > > Alper AYKUT <[email protected] <mailto:[email protected]>>, 25 > > Eki 2023 Çar, 15:33 tarihinde şunu yazdı: > > > > this command shows the ip address of both my main server and my > > replica server. dig +short /server.idm.example.com < > http://server.idm.example.com>/A > > > > dig +short -x /192.0.2.1 But this command only shows the name of my > > main free ipa server. On my replica server it returns blank and says > > nothing. Is this a bug and how can I fix it? / > > > > /Obviously I installed the Replica server with the following command > > but I'm not sure if I did it correctly ? > > / > > > > / > > > > ipa-replica-install --no-host-dns --setup-ca --setup-dns > --no-forwarders --force-join --mkhomedir > > > > Now when I create a user on the main server, it appears on the > > replica server. > > > > It also appears as follows under Identity-services. > > > > DNS/idm.lab.lab > > DNS/idm02.lab.lab > > http/idm.lab.lab > > http/idm02.lab.lab > > dogtag/idm.lab.lab > > dogtag/idm02.lab.lab > > ipa-dnskeysyncd/idm.lab.lab > > ipa-dnskeysyncd/idm02.lab.lab > > ldap/idm.lab.lab > > ldap/idm02.lab.lab > > // > > / > > > > /Ipaserver/ipaserver / > > > > /idm.lab.lab/ > > > > /idm02.lab.lab/ > > > > /but the dnz zone looks like the following. > > / > > > > / > > 22.40.10.in-addr.arpa. > > < > https://idm.tutel.lab/ipa/ui/#/e/dnszone/records/22.40.10.in-addr.arpa.> > > > > Enabled > > > > lab.lab. <https://idm.tutel.lab/ipa/ui/#/e/dnszone/records/tutel.lab > .> > > > > Is there anything missing? Do you think everything is right now? Is > > there anything I need to fix? > > > > Thanks for your help and your time. / > > > > / > > / > > > > > > > > > > > > Florence Blanc-Renaud <[email protected] <mailto:[email protected]>>, 25 > > Eki 2023 Çar, 15:20 tarihinde şunu yazdı: > > > > Hi, > > > > On Wed, Oct 25, 2023 at 12:31 PM Alper AYKUT via FreeIPA-users > > <[email protected] > > <mailto:[email protected]>> wrote: > > > > Hello, I have a free ipa server with dns and ca integrated > > that is currently running. Now I want to set up a replica > > server but I can't figure out some parts. It gives an error > > when I want to set it up with the following steps. How can I > > overcome this problem? * > > * > > > > ipa-replica-install --setup-dns --setup-ca --mkhomedir > > > > Lookup failed: Preferred host idm02ntp.tutel.lab does not > > provide DNS. > > Reverse DNS resolution of address 101.45.58.172 > > (replica.lab.lab) failed. Clients may not function properly. > > Please check your DNS setup. (Note that this check queries > > IPA DNS directly and ignores /etc/hosts.) > > > > Please check the DNS requirements listed in this document: > > > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/installing_identity_management/preparing-the-system-for-ipa-server-installation_installing-identity-management#host-name-and-dns-requirements-for-ipa_preparing-the-system-for-ipa-server-installation > > > > flo > > > > thankyou. > > _______________________________________________ > > FreeIPA-users mailing list -- > > [email protected] > > <mailto:[email protected]> > > To unsubscribe send an email to > > [email protected] > > <mailto:[email protected]> > > Fedora Code of Conduct: > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > > > https://lists.fedorahosted.org/archives/list/[email protected] > > Do not reply to spam, report it: > > https://pagure.io/fedora-infrastructure/new_issue > > > > > > _______________________________________________ > > FreeIPA-users mailing list -- [email protected] > > To unsubscribe send an email to > [email protected] > > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > > > >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
