freeipa

Clone
Source Code
GIT

#8936 ipa-server install failure without DNS
Closed: fixed 2 years ago by rcritten. Opened 2 years ago by fcami.

Closed: fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 9): Bug 1986329

Description of problem:
ipa-server setup without DNS is failing
Error: 
Synchronizing time
No SRV records of NTP servers found and no NTP server or pool address was provided.
Using default chrony configuration.
Attempting to sync time with chronyc.
Process chronyc waitsync failed to sync time!
Unable to sync time with chrony server, assuming the time is in sync. Please check that 123 UDP port is opened, and any time server is on network.
Warning: IPA was unable to sync time with chrony!
         Time synchronization is required for IPA to work correctly
user 'named' not found


Version-Release number of selected component (if applicable):
ipa-server-4.9.6-4.el9.x86_64
389-ds-base-2.0.6-3.el9.x86_64

How reproducible:
100%

Steps to Reproduce:
#yum install ipa-server -y


[root@master ~]# ipa-server-install --hostname=master.ipadomain.test -r IPADOMAIN.TEST -n ipadomain.test --ip-address=10.0.103.88 -p Secret123 -a Secret123 -U

The log file for this installation can be found in /var/log/ipaserver-install.log
==============================================================================
This program will set up the IPA Server.
Version 4.9.6

This includes:
  * Configure a stand-alone CA (dogtag) for certificate management
  * Configure the NTP client (chronyd)
  * Create and configure an instance of Directory Server
  * Create and configure a Kerberos Key Distribution Center (KDC)
  * Configure Apache (httpd)
  * Configure the KDC to enable PKINIT


The IPA Master Server will be configured with:
Hostname:       master.ipadomain.test
IP address(es): 10.0.103.88
Domain name:    ipadomain.test
Realm name:     IPADOMAIN.TEST

The CA will be configured with:
Subject DN:   CN=Certificate Authority,O=IPADOMAIN.TEST
Subject base: O=IPADOMAIN.TEST
Chaining:     self-signed

Disabled p11-kit-proxy
Synchronizing time
No SRV records of NTP servers found and no NTP server or pool address was provided.
Using default chrony configuration.
Attempting to sync time with chronyc.
Process chronyc waitsync failed to sync time!
Unable to sync time with chrony server, assuming the time is in sync. Please check that 123 UDP port is opened, and any time server is on network.
Warning: IPA was unable to sync time with chrony!
         Time synchronization is required for IPA to work correctly
user 'named' not found
The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information


[root@master ~]# id named
id: ‘named’: no such user



Expected results:
ipa-server setup without DNS should work

Additional info:
ipa-server setup without DNS works fine after ipa-server with DNS is install and uninstall

Metadata Update from @fcami:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1986329
2 years ago

Issue linked to bug 1986329

Metadata Update from @cheimes:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5927
- Issue assigned to cheimes
- Issue priority set to: important
- Issue tagged with: bug
2 years ago

master:

  • 8170659 Fix ldapupdate.get_sub_dict() for missing named user

ipa-4-9:

  • a1eb13c Fix ldapupdate.get_sub_dict() for missing named user

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
2 years ago

Login to comment on this ticket.

Metadata

bug

None
None
important
None
None
None
None
None
None
None
None
None
None
https://github.com/freeipa/freeipa/pull/5927
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1986329
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.