[Freeipa-users] help! IPA server she explode!
Rob Crittenden
rcritten at redhat.com
Thu May 19 17:52:48 UTC 2011
Steven Jones wrote:
>
> I have an internal ajax error!
>
> :(
>
> the logs say,
>
>
> [Thu May 19 09:59:35 2011] [notice] Apache/2.2.15 (Unix) DAV/2 mod_auth_kerb/5.4 mod_nss/2.2.15 NSS/3.12.9.0 mod_wsgi/3.2 Python/2.6.6 mod_perl/2.0.4 Perl/v5.10.1 configured -- resuming normal operations
> <jonesst1> [Thu May 19 09:59:38 2011] [error] ipa: ERROR: Failed to start IPA: Unable to retrieve LDAP schema. Error initializing principal HTTP/vuwunicoipamt01.unix.vuw.ac.nz at UNIX.VUW.AC.NZ in /etc/httpd/conf/ipa.keytab: (-1765328228, 'Cannot contact any KDC for requested realm')
> <jonesst1> [Thu May 19 09:59:38 2011] [error] ipa: ERROR: Failed to start IPA: Unable to retrieve LDAP schema. Error initializing principal HTTP/vuwunicoipamt01.unix.vuw.ac.nz at UNIX.VUW.AC.NZ in /etc/httpd/conf/ipa.keytab: (-1765328228, 'Cannot contact any KDC for requested realm')
> <jonesst1> [Thu May 19 10:04:42 2011] [error] [client 130.195.81.236] File does not exist: /usr/share/ipa/ui/develop.js, referer: https://vuwunicoipamt01.unix.vuw.ac.nz/ipa/ui/
> <jonesst1> [Thu May 19 10:04:42 2011] [error] [client 130.195.81.236] File does not exist: /usr/share/ipa/ui/top-bg.png, referer: https://vuwunicoipamt01.unix.vuw.ac.nz/ipa/ui/ipa.css
> <jonesst1> [Thu May 19 10:04:42 2011] [error] [client 130.195.81.236] File does not exist: /usr/share/ipa/ui/favicon.ico
> <jonesst1> [Thu May 19 10:04:42 2011] [error] [client 130.195.81.236] File does not exist: /usr/share/ipa/ui/favicon.ico
> <jonesst1> [Thu May 19 10:04:43 2011] [error] [client 130.195.81.236] mod_wsgi (pid=1917): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'.
> <jonesst1> [Thu May 19 10:04:45 2011] [error] [client 130.195.81.236] File does not exist: /usr/share/ipa/ui/favicon.ico
> <jonesst1> [Thu May 19 10:05:09 2011] [error] [client 130.195.81.236] mod_wsgi (pid=1916): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'.
> <jonesst1> [root at vuwunicoipamt01 httpd]#
>
> regards
The key bit in the log is:
Failed to start IPA: Unable to retrieve LDAP schema. Error initializing
principal HTTP/vuwunicoipamt01.unix.vuw.ac.nz at UNIX.VUW.AC.NZ in
/etc/httpd/conf/ipa.keytab: (-1765328228, 'Cannot contact any KDC for
requested realm')
Without the schema the framework can't do much of anything useful so it
just punts. Some things to try in no particular order:
- /sbin/service httpd restart, perhaps dirsrv was down when httpd started
- on IPA server kinit admin to ensure things are working
- ensure that dirsrv is running (krb5kdc running w/o dirsrv is bound to
fail)
rob
More information about the Freeipa-users
mailing list