I tried this, but no joy: # /usr/sbin/ipa-upgradeconfig --debug : : DEBUG: caSignedLogCert.cfg<http://bl-1.com/click/load/VWRaa1w-b0221U28CYQNlAT4-b0231>profile validity range is 720 INFO: [Certificate renewal should stop the CA] ERROR: Unable to find certmonger request ID for auditSigning Cert INFO: The ipa-upgradeconfig command was successful #
But I still can't connect to http://ipamaster/ipa/ui/; I get a 903 error every time, and /var/log/httpd/error_log shows, in part: [Tue Aug 13 13:07:20.786566 2013] [:error] [pid 5890] KeyError: 'ipadnszone' [Tue Aug 13 13:07:20.786717 2013] [:error] [pid 5890] ipa: INFO: [email protected]: json_metadata(None, None, object=u'all'): KeyError [Tue Aug 13 13:07:21.001525 2013] [:error] [pid 5890] ipa: INFO: [email protected]: json_metadata(None, None, command=u'all'): SUCCESS DNS resolution, authentication and authorization all *appear* to be working fine. * * *Bret Wortman* http://damascusgrp.com/ http://about.me/wortmanbret On Tue, Aug 13, 2013 at 10:29 AM, Bret Wortman <[email protected] > wrote: > I just upgraded my IPA master from F17 to F18 and, in the process, updated > IPA to 3.1.5-1. Apparently, though, all is not well, because there are a > number of errors in > /var/log/ipaupgrade.log<http://bl-1.com/click/load/BzZcbVU2VmpTOwFsCD4-b0231>, > mostly related to things like (samples here; the server is on a private > network so I'm having to transcribe, if it looks like a typo, it probably > is): > > ERROR Cannot connect to LDAP to add DNS records: cannot connect to > u'ldapi://%2fvar%2run%2fslapd-FOO-NET.socket': LDAP Server Down > > ERROR certmonger failed to start tracking certificate: Command > '/usr/bin/getcert start-tracking -d /var/lib/pki-ca/alias -n > auditSigningCert cert-pki-ca -c dogtag-ipa-retrieve-agent-submit -B > /usr/lib64/ipa/certmonger/stop_pkicad -C > /usr/lib64/ipa/certmonger/restart_pkicad "auditSigningCert cert-pki-ca" -P > XXXXXXXX -T auditSigningCert cert-pki-ca' returned non-zero exit status 1 > > and numerous certmonger errors similar to this one. Finally, there's a > stacktrace from > ipapython/admintool.py<http://bl-1.com/click/load/BzYIOV0-b0221AT1QOFc6BjE-b0231>, > line 171 which ends the whole thing. > > What's my best plan for re-attempting this upgrade? > > * > * > *Bret Wortman* > > http://damascusgrp.com/<http://bl-1.com/click/load/VWQAMVQ3UGxVPQBtADQ-b0231> > http://about.me/wortmanbret<http://bl-1.com/click/load/XWwMPV0-b0221UW0CagZrBjM-b0231> >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
