Issue #3327: [RFE] diagnosis tool - freeipa

freeipa

#3327 [RFE] diagnosis tool

Closed: Duplicate None Opened 11 years ago by rcritten.

A tool that can diagnose an IPA client or server installation would be a handy thing to have, and could be built up over time.

Initial things it could do:

Validate that keytabs are ok (known only, /etc/krb5.keytab, /etc/httpd/conf/ipa.keytab and /etc/dirsrv/ds.keytab)
Get a host TGT
Verify that the certificates are ok (start with HTTP and DS, maybe machine cert)
Connectivity, perhaps using the conncheck tool.
Replication status, perhaps

It would be nice if it could scan logs for issues, such as AVCs for processes we care about.

Needs design page to more fully flesh out details.

One should be able to run the same tool on clients as well, just a subset of the features would apply.

msauton commented 11 years ago

add reverse DNS tests for all hosts involved in replication and PKI

dpal commented 9 years ago

Also see #4008

mkosek commented 9 years ago

These efforts should be merged - closing as duplicate.

Metadata Update from @rcritten:
- Issue assigned to someone
- Issue set to the milestone: Ticket Backlog

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

Ticket Backlog

None

affects_doc

None

source

None

knownissue

None

type

enhancement

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#3327 [RFE] diagnosis tool Closed: Duplicate None Opened 11 years ago by rcritten.

Metadata

#3327 [RFE] diagnosis tool

Closed: Duplicate None Opened 11 years ago by rcritten.