Re: [Freeipa-users] Unable to start IPA server after server reboot

Rob Crittenden Tue, 02 Aug 2011 06:18:58 -0700

Ondrej Valousek wrote:

  Hi list,


I have a problem with my IPA server:
Symptoms:

[root@polaris etc]# /etc/init.d/ipa start
Starting Directory Service
Starting dirsrv:
     EXAMPLE-COM...                                         [  OK  ]
     PKI-IPA...                                             [  OK  ]
Failed to read data from Directory Service: Unknown error when
retrieving list of services from LDAP: {'matched':
'cn=masters,cn=ipa,cn=etc,dc=example,dc=com', 'desc': 'No such object'}
Shutting down
Shutting down dirsrv:
     EXAMPLE-COM...                                         [  OK  ]
     PKI-IPA...                                             [  OK  ]

I am able to start the services (dirsrv, named, krb5kdc) separately
though and then read the configuration fine:

[root@polaris log]# kinit admin
Password for [email protected]:
[root@polaris etc]# ldapsearch -Y GSSAPI -h localhost -b
cn=masters,cn=ipa,cn=etc,dc=example,dc=com
SASL/GSSAPI authentication started
SASL username: [email protected]
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <cn=masters,cn=ipa,cn=etc,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# masters, ipa, etc, example.com
dn: cn=masters,cn=ipa,cn=etc,dc=example,dc=com
objectClass: nsContainer
objectClass: top
cn: masters

# polaris.example.com, masters, ipa, etc, example.com
dn: cn=polaris.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
objectClass: top
objectClass: nsContainer
cn: polaris.example.com

# CA, polaris.example.com, masters, ipa, etc, example.com
dn: cn=CA,cn=polaris.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
objectClass: nsContainer
objectClass: ipaConfigObject
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 50
cn: CA
.....

Does it ring any bell to you?
Note that the IPA server was running fine right after the installation....

Is your hostname set to polaris.example.com or polaris (check/etc/sysconfig/network).


What we search for is cn=$FQDN,cn=masters,cn=etc

That explains the matched part. It matched everything except the hostname.

rob

_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Unable to start IPA server after server reboot

Reply via email to