909161 – ipa-client-install failed to fall over to replica with master down

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 909161 - ipa-client-install failed to fall over to replica with master down

Summary: ipa-client-install failed to fall over to replica with master down

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	ipa
Sub Component:
Version:	6.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Rob Crittenden
QA Contact:	Namita Soman
Docs Contact:
URL:
Whiteboard:
Depends On:	905626 910557
Blocks:
TreeView+	depends on / blocked

Reported:	2013-02-08 12:31 UTC by Jiri Pallich
Modified:	2013-03-07 08:39 UTC (History)
CC List:	9 users (show)
Fixed In Version:	ipa-3.0.0-26.el6_4
Doc Type:	Bug Fix
Doc Text:	The Identity Management client enrollment "ipa-client-install" command would fail to enroll a client if any of the Identity Management masters were unavailable during enrollment. The client installer now tries all servers, either auto-discovered from DNS or passed via the "--server" option on the command line, until it finds one that is available and enrolls it in that one. Now, the Identity Management client enrollment "ipa-client-install" command functions normally.
Clone Of:
Environment:
Last Closed:	2013-03-07 08:39:28 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:0606	0	normal	SHIPPED_LIVE	ipa bug fix update	2013-03-07 13:38:15 UTC

Description Jiri Pallich 2013-02-08 12:31:15 UTC

This bug has been copied from bug #905626 and has been proposed
to be backported to 6.4 z-stream (EUS).

Comment 5 Scott Poore 2013-02-19 19:02:54 UTC

Verified.

Version ::

ipa-client-3.0.0-26.el6_4.1.x86_64

Automated Test Results ::

Note that the automation flags it as original bz 905626 which this was cloned from.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-client-install-37- [Positive] Install with MASTER down, SLAVE up [BZ 905626]
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [19:48:31] ::  sssd.conf for testing BZ 819982 does not exists
Shutting down ntpd: [FAILED]
:: [   PASS   ] :: Running 'service ntpd stop'
Password for admin: 
ipa: ERROR: hp-dl380pgen8-02-vm-2.testrelm.com: host not found
:: [   PASS   ] :: Running 'ssh root.96.83 "echo PASSWORD|kinit admin;ipa host-del hp-dl380pgen8-02-vm-2.testrelm.com"'

MARK-LWD-LOOP -- 2013-02-18 19:49:04 --
:: [   PASS   ] :: Running 'sleep 60'
Warning: Permanently added 'nightcrawler.testrelm.com' (RSA) to the list of known hosts.
Stopping pki-ca: [  OK  ]
Stopping httpd: [  OK  ]
Stopping ipa_memcached: [  OK  ]
Stopping named: .[  OK  ]
Stopping Kerberos 5 Admin Server: [  OK  ]
Stopping Kerberos 5 KDC: [  OK  ]
Shutting down dirsrv: 
    PKI-IPA...[  OK  ]
    TESTRELM-COM...[  OK  ]
Stopping CA Service
Stopping HTTP Service
Stopping MEMCACHE Service
Stopping DNS Service
Stopping KPASSWD Service
Stopping KDC Service
Stopping Directory Service
:: [   PASS   ] :: Stop MASTER IPA server
:: [19:50:20] ::  EXECUTING: ipa-client-install --domain=testrelm.com --realm=TESTRELM.COM  -p admin -w PASSWORD --unattended
Discovery was successful!
Hostname: hp-dl380pgen8-02-vm-2.testrelm.com
Realm: TESTRELM.COM
DNS Domain: testrelm.com
IPA Server: cloud-qe-7.testrelm.com
BaseDN: dc=testrelm,dc=com
Synchronizing time with KDC...
Enrolled in IPA realm TESTRELM.COM
Created /etc/ipa/default.conf
New SSSD config will be created
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm TESTRELM.COM
trying https://cloud-qe-7.testrelm.com/ipa/xml
Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Forwarding 'host_mod' to server u'https://cloud-qe-7.testrelm.com/ipa/xml'
SSSD enabled
Configured /etc/openldap/ldap.conf
NTP enabled
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Client configuration complete.

:: [   PASS   ] :: Installing ipa client and configuring - with all params
:: [   PASS   ] :: File '/var/log/ipaclient-install.log' should not contain 'Can't contact LDAP server'
:: [   PASS   ] :: File '/var/log/ipaclient-install.log' should not contain 'Failed to verify that.*is an IPA Server'
:: [   PASS   ] :: BZ 905626 not found
:: [19:51:21] ::  Backing up and submitting /var/log/ipaclient-install.log
Starting dirsrv: 
    PKI-IPA...[  OK  ]
    TESTRELM-COM...[  OK  ]
Starting Kerberos 5 KDC: [  OK  ]
Starting Kerberos 5 Admin Server: [  OK  ]
Starting named: [  OK  ]
Starting ipa_memcached: [  OK  ]
Starting httpd: [  OK  ]
Starting pki-ca: [  OK  ]
Starting Directory Service
Starting KDC Service
Starting KPASSWD Service
Starting DNS Service
Starting MEMCACHE Service
Starting HTTP Service
Starting CA Service
:: [   PASS   ] :: Start MASTER IPA server

Comment 7 errata-xmlrpc 2013-03-07 08:39:28 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0606.html

Note You need to log in before you can comment on or make changes to this bug.