Hide Forgot
Description of problem: Installation appears successful, but after successfully get admin credentials, unable to execute any ipa CLI admin commands: ipa: ERROR: cannot connect to 'any of the configured servers': https://jennyv1.testrelm/ipa/xml, https://jennyv1.testrelm/ipa/xml 1) Installed server on Fedora 14 with dogtab and --setupdns ipa-server-install --setup-dns --forwarder=$DNSFORWARD --hostname=$hostname_s.$DOMAIN -r $RELM -n $DOMAIN -p $ADMINPW -P $ADMINPW -a $ADMINPW -U 2) post installation kinit as admin # kinit admin 3) check credentials # klist <snip> Ticket cache: FILE:/tmp/krb5cc_0 Default principal: admin@TESTRELM Valid starting Expires Service principal 02/21/11 12:47:38 02/22/11 12:47:35 krbtgt/TESTRELM@TESTRELM 02/21/11 12:47:45 02/22/11 12:47:35 HTTP/jennyv1.testrelm@TESTRELM </snip> 4) execute a command # ipa user-find <snip> ipa: ERROR: cannot connect to 'any of the configured servers': https://jennyv1.testrelm/ipa/xml, https://jennyv1.testrelm/ipa/xml </snip> Version-Release number of selected component (if applicable): freeipa-server-2.0-0.2011020720git7be1275.fc14.i686 freeipa-admintools-2.0-0.2011020720git7be1275.fc14.i686 How reproducible: Always Steps to Reproduce: 1. See description 2. 3. Actual results: Expected results: Additional info:
Please run it again with -v so we can see what server(s) it is trying: # ipa -v user-find
https://fedorahosted.org/freeipa/ticket/994
# ipa -v user-find ipa: INFO: skipping plugin module ipalib.plugins.entitle: No module named rhsm.connection ipa: INFO: args=klist -V ipa: INFO: stdout=Kerberos 5 version 1.9 ipa: INFO: stderr= ipa: INFO: trying https://jennyv1.testrelm/ipa/xml ipa: INFO: trying https://jennyv1.testrelm/ipa/xml ipa: ERROR: cannot connect to 'any of the configured servers': https://jennyv1.testrelm/ipa/xml, https://jennyv1.testrelm/ipa/xml
http error_log <snip> [Mon Feb 21 12:44:58 2011] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [Mon Feb 21 12:44:58 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Mon Feb 21 12:44:59 2011] [notice] Digest: generating secret for digest authentication ... [Mon Feb 21 12:44:59 2011] [notice] Digest: done [Mon Feb 21 12:44:59 2011] [notice] Apache/2.2.17 (Unix) DAV/2 mod_auth_kerb/5.4 mod_nss/2.2.17 NSS/3.12.8.0 mod_wsgi/3.2 Python/2.7 configured -- resuming normal operations [Mon Feb 21 12:45:03 2011] [error] ipa: ERROR: Failed to start IPA: Unable to retrieve LDAP schema. Error initializing principal HTTP/jennyv1.TESTRELM@TESTRELM in /etc/httpd/conf/ipa.keytab: (-1765328378, 'Client not found in Kerberos database') [Mon Feb 21 12:45:03 2011] [error] ipa: ERROR: Failed to start IPA: Unable to retrieve LDAP schema. Error initializing principal HTTP/jennyv1.TESTRELM@TESTRELM in /etc/httpd/conf/ipa.keytab: (-1765328378, 'Client not found in Kerberos database') [Mon Feb 21 12:45:29 2011] [error] Unable to read from pin store for slot: internal APR err: 70007 [Mon Feb 21 12:47:45 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16190): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 12:47:46 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16191): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 12:53:27 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16190): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 12:53:28 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16191): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 13:28:41 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16190): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 13:28:41 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16191): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 13:30:42 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16190): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 13:30:42 2011] [error] [client 10.16.0.46] mod_wsgi (pid=16191): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 13:40:07 2011] [error] [client 10.16.0.49] mod_wsgi (pid=16190): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. [Mon Feb 21 13:40:50 2011] [error] [client 10.16.0.49] mod_wsgi (pid=16191): Target WSGI script '/usr/share/ipa/wsgi.py' does not contain WSGI application 'application'. </snip>
reducing severity as the host's DNS domain was set to upper case, and fixes this resolved. But, I am still not sure why this occurred so leaving the bug open.
1080 is a duplicate of this and already fixed. We require that host names be lower-case in ipa-server-install. master: 15e213d0258f69feaf6031a8721902f63c864ac2
closing not a bug. Misconfiguration.