r
> deployments, but the issue can happen if cn=changelog5,cn=config is missing
> on the master AND the changelog directory is present.
>
> Can you check on the master if there is a directory:
> /var/lib/dirsrv/slapd-XXX/cldb and if there is an entry
> cn=changelog5,cn=config in /et
if there is a directory:
/var/lib/dirsrv/slapd-XXX/cldb and if there is an entry cn=changelog5,cn=config
in /etc/dirsrv/slapd-XXX/dse.ldif?
flo
On Wed, May 26, 2021 at 8:41 PM Sinh Lam via FreeIPA-users
wrote:
Hi Everyone -
I’m running into this odd issue I can’t seem to find a resolution to
This is an old thread but I’m running into this issue and was wondering if
there was ever a resolution to this.
Tldr -
My master failed and was not able to start up due to the dse.ldif being a zero
byte file and the .bak file was unusable as well. Ended up using the startOK
file and that g
Hi Everyone -
I’m running into this odd issue I can’t seem to find a resolution to. Long
story short, my IPA master was on a system that had a power failure. Upon
bring up, the dirsrv failed to start up due to a zero byte dse.ldif file.
Used a “backup” of the file and my master seemed to have ca
Hi -
General question. I would like to add freeradius to freeipa. Currently we
have a single master with multiple replicas at various sites. Will
replication break if I only add freeradius to the master but not to the
various sites?
Thanks.
Sinh
___
:
Sinh Lam via FreeIPA-users wrote:
> Hi Rob -
>
> The chain should be the same. I’m using a LetsEncrypt certificate and
> have previously had it added but I lapsed in renewing it and now when I
> attempt to update the cert for LDAP it just complains about the peer
> certificate ex
certificate so
hopefully I won’t make a bigger mess of things.
Thanks again.
Sinh
On January 26, 2021 at 12:02:26 PM, Rob Crittenden (rcrit...@redhat.com)
wrote:
Sinh Lam via FreeIPA-users wrote:
> Hi Rob -
>
> Do you have any instructions on manually doing this? I asked a similar
>
Hi Rob -
Do you have any instructions on manually doing this? I asked a similar
question a while ago (and excuses aside) but I haven’t responded back with
the requested info. The http cert was updated but I can’t seem to get the
389-ds certificate to update as well.
Thanks.
sinh
On January
So I have this problem where the certificates have expired. I created a new
one but however when trying to apply the new certs using
ipa-server-certinstall, http works but when trying to get it to apply to ldap
it fails with a "peer's certificate issuer is not recognized".
looking at the log
