ROSA Forum

Код: Выделить всё

Error checking LDAP: Server is unwilling to perform: Minimum SSF not met.
Discovery was successful!
Client hostname: pc48.my-org.com
Realm: MY-ORG.COM
DNS Domain: my-org.com
IPA Server: dc.my-org.com
BaseDN: dc=my-org,dc=com
Synchronizing time with KDC...
Attempting to sync time using ntpd.  Will timeout after 15 seconds
Attempting to sync time using ntpd.  Will timeout after 15 seconds
Unable to sync time with NTP server, assuming the time is in sync. Please check that 123 UDP port is opened.
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=MY-ORG.COM
    Issuer:      CN=Certificate Authority,O=MY-ORG.COM
    Valid From:  Sun Apr 29 10:00:40 2018 UTC
    Valid Until: Thu Apr 29 10:00:40 2038 UTC

Enrolled in IPA realm MY-ORG.COM
Created /etc/ipa/default.conf
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm MY-ORG.COM
Failed to add CA to temporary NSS database.
Installation failed. Rolling back changes.
Failed to list certificates in /etc/ipa/nssdb: Command ''/usr/bin/certutil' '-d' '/etc/ipa/nssdb' '-L'' returned non-zero exit status 255
Unenrolling client from IPA server
Removing Kerberos service principals from /etc/krb5.keytab
Disabling client Kerberos and LDAP configurations
Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to /etc/sssd/sssd.conf.deleted
Restoring client configuration files
nslcd daemon is not installed, skip configuration
Client uninstall complete.

Код: Выделить всё

/usr/bin/certutil  -d /etc/ipa/nssdb -L
certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.

Код: Выделить всё

rpm -ql ipa-python
/etc/ipa
/etc/ipa/ca.crt
/etc/ipa/default.conf
/etc/ipa/dnssec
/etc/ipa/nssdb
/etc/ipa/nssdb/cert8.db
/etc/ipa/nssdb/key3.db
/etc/ipa/nssdb/pwdfile.txt
/etc/ipa/nssdb/secmod.db
/etc/pki/ca-trust/source/ipa.p11-kit
/usr/lib/python2.7/site-packages/freeipa-2.0.0a0-py2.7.egg-info
...