[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-users] Unable to start IPA server after server reboot

On 08/02/2011 09:42 AM, Ondrej Valousek wrote:
Hi Rob,
It was just "polaris" - so I tried:
[root polaris etc]# hostname polaris.example.com

and it started working - Magic!
That means that we rely on the fact that hostname is set to FQDN, right? Isn't it too strong requirement?
Maybe we should guess FQDN using reverse lookups I do not know. The bottom line is that at least the IPA installation script should warn about the incorrect hostname.

This actually brought a chuckle....we've been through a few iterations of how to deal with this.  The approach did do Reverse at one point, but that brought in a few other issues.  Needless to say, we've felt your pain on numerous occasions.

Kerberos depends on the hostname being right, and none of the auth works without Kerberos.  This is an issue that seems to mess people up in testing and evaluation mode, but people want and need it to resolve correctly in live environments.

And the error message was bit confusing as well, because from that one none can even guess what went wrong, I even tried to add 'ipactl -d start' to print more debugging, but it did not help either.

Just trying to bring some ideas, otherwise I am happy that it is working again for me :-)


On 02.08.2011 15:18, Rob Crittenden wrote:
Is your hostname set to polaris.example.com or polaris (check /etc/sysconfig/network).

What we search for is cn=$FQDN,cn=masters,cn=etc

That explains the matched part. It matched everything except the hostname.


The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s). Please direct any additional queries to: communications s3group com. Thank You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown, Dublin 18

_______________________________________________ Freeipa-users mailing list Freeipa-users redhat com https://www.redhat.com/mailman/listinfo/freeipa-users

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]