On 11/20/22 9:06 AM, Sam Morris via FreeIPA-users wrote:
On Sat, 2022-11-19 at 11:57 +0100, Rob Verduijn via FreeIPA-users wrote:
Hi all,
I managed to get rid of another error but I still have plenty erros left.
Any help would be apreciated.
ipa-healthcheck errors remaining:
ipa-healthcheck args=({'msgtype': 101, 'msgid': 3, 'result': 32, 'desc': 'No such object', 'ctrls': [], 'ldap_request': "search_ext_s(('cn=changelog5,cn=config', 0, '(objectClass=*)'),{'attrlist': ['nsslapd-changelogmaxentries'], 'serverctrls': None,' clientctrls': None, 'escapehatch': 'i am sure'}) on instance TJAKO- THUIS"},)
Is this your server telling you that the entry cn=changelog5,cn=config does not exist? That sounds pretty bad... try running this (change IPA- EXAMPLE-COM to the name of your dirsrv instance):
ldapsearch -H ldapi://%2frun%2fslapd-IPA-EXAMPLE-COM.socket -Y EXTERNAL -b cn=changelog5,cn=config -s base
This is fine actually. This is a bug we are looking into. It should not be outputting that exception. It just checking if a backend has a changelog, not that it's expecting one. This can be ignored.
Mark
{ "source": "ipahealthcheck.ipa.certs", "check": "IPACertTracking", "result": "CRITICAL", "uuid": "6bab1187-3285-4059-9f92-a6e8fba54d2f", "when": "20221119105634Z", "duration": "0.721246", "kw": { "exception": "bus, object_path and dbus_interface must not be None." } },
These look like D-Bus-related errors. Is certmonger started, can you run 'getcert list'?