In some cases people inadvertently breaks their installation by corrupting their keytab files or certificates.
A simple tool that knows of the various keytabs on the system (for server and client) and that can consult certmonger to find the certs, and then proceed to check if they work by trying to kinit and by checking the cert validity/chain would make troubleshooting some situations much easier.
The tool may also check firewall rules perhaps and DNS settings. All those things that cause hard to debug problems but are relatively easy to check by an autometed tool.
This IMO should be a part of the troubleshooting tool.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1152084 (Red Hat Enterprise Linux 7)
Metadata Update from @simo: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
The freeipa-healthcheck tool is now available.
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue set to the milestone: None (was: FreeIPA 4.5 backlog) - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.