Scott Reed via FreeIPA-users wrote:
I install FreeIPA with my usual options, but when it's done the
web interface is not available with the usual.
Service status:
[xadministrator@idm log]$ sudo systemctl enable tomcat.service -l
[xadministrator@idm log]$ sudo systemctl start tomcat.service -l
[xadministrator@idm log]$ sudo systemctl status tomcat.service -l
\u25cf tomcat.service - Apache Tomcat Web Application Container
Loaded: loaded (/usr/lib/systemd/system/tomcat.service; enabled; vendor preset:
disabled)
Active: inactive (dead) since Tue 2020-01-21 14:42:52 EST; 3s ago
Process: 15192 ExecStart=/usr/libexec/tomcat/server start (code=exited,
status=0/SUCCESS)
Main PID: 15192 (code=exited, status=0/SUCCESS)
Why are you touching the services enabled? This should not be done. The
ipa service will start the things needed.
Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM
org.apache.catalina.core.StandardService stopInternal
Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Stopping service Catalina
Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM
org.apache.coyote.AbstractProtocol stop
Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Stopping ProtocolHandler
["http-bio-8080"]
Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM
org.apache.coyote.AbstractProtocol destroy
Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Destroying ProtocolHandler
["http-bio-8080"]
Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM
org.apache.coyote.AbstractProtocol stop
Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Stopping ProtocolHandler
["ajp-bio-8009"]
Jan 21 14:42:52 idm.cs.xxxx server[15192]: Jan 21, 2020 2:42:52 PM
org.apache.coyote.AbstractProtocol destroy
Jan 21 14:42:52 idm.cs.xxxx server[15192]: INFO: Destroying ProtocolHandler
["ajp-bio-8009"]
[xadministrator@idm log]$
[xadministrator@idm log]$ sudo systemctl status httpd -l
[sudo] password for xadministrator:
\u25cf httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset:
disabled)
Drop-In: /etc/systemd/system/httpd.service.d
\u2514\u2500ipa.conf
Active: active (running) since Tue 2020-01-21 14:18:35 EST; 1 day 2h ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 13471 (httpd)
Status: "Total requests: 4; Current requests/sec: 0; Current traffic: 0
B/sec"
Tasks: 61
CGroup: /system.slice/httpd.service
\u251c\u250013471 /usr/sbin/httpd -DFOREGROUND
\u251c\u250013472 /usr/libexec/nss_pcache 688130 off
\u251c\u250013475 (wsgi:kdcproxy) -DFOREGROUND
\u251c\u250013476 (wsgi:kdcproxy) -DFOREGROUND
\u251c\u250013477 (wsgi:ipa) -DFOREGROUND
\u251c\u250013478 (wsgi:ipa) -DFOREGROUND
\u251c\u250013479 (wsgi:ipa) -DFOREGROUND
\u251c\u250013480 (wsgi:ipa) -DFOREGROUND
\u251c\u250013481 /usr/sbin/httpd -DFOREGROUND
\u251c\u250013482 /usr/sbin/httpd -DFOREGROUND
\u251c\u250013483 /usr/sbin/httpd -DFOREGROUND
\u251c\u250013484 /usr/sbin/httpd -DFOREGROUND
\u251c\u250013485 /usr/sbin/httpd -DFOREGROUND
\u2514\u250013747 /usr/sbin/httpd -DFOREGROUND
Jan 21 14:18:35 idm.cs.xxxx systemd[1]: Started The Apache HTTP Server.
Jan 21 14:18:40 idm.cs.xxxx [13477]: GSSAPI client step 1
Jan 21 14:18:40 idm.cs.xxxx [13477]: GSSAPI client step 1
Jan 21 14:18:40 idm.cs.xxxx [13477]: GSSAPI client step 1
Jan 21 14:18:40 idm.cs.xxxx [13478]: GSSAPI client step 1
Jan 21 14:18:40 idm.cs.xxxx [13478]: GSSAPI client step 1
Jan 21 14:18:40 idm.cs.xxxx [13478]: GSSAPI client step 1
Jan 21 14:18:42 idm.cs.xxxx [13479]: GSSAPI client step 1
Jan 21 14:18:42 idm.cs.xxxx [13479]: GSSAPI client step 1
Jan 21 14:18:42 idm.cs.xxxx [13479]: GSSAPI client step 1
The url that I'm trying is:
https://idm.cs.xxxx/ipa/ui/
Any help would be appreciated.
What does "not available" mean? What do you see? Does curl work?
$ kinit admin
$ curl --negotiate -u :
https://ipa.example.test/ipa/ui/
I'd try on whatever your client machine is as well as the web server to
see if behavior differs.
rob