Wow! It's really important question.
I'm joining with it. It's good to be able to know what happening with IPA-infra.
Espesially - ssh/sudo working (in general at least, with out concearning about HBAC+Policy groups).

2018-01-31 22:04 GMT+03:00 Alex Corcoles via FreeIPA-users <freeipa-users@lists.fedorahosted.org>:
Hi all,

Is there any official literature about how to monitor FreeIPA?

The upstream guide mentions:

1) Testing clients using id


2) Adding a user on a replica and verifying it appears on another server


There's also some troubleshooting appendices which look interesting.

I see also ipactl, "ipa ping", there seems to be:

(but it seems dead)


, and also some indepedent initiatives all over the web.

Is there any plan to provide an official way to monitor FreeIPA? My foremost concern would be to ensure that all clients are correctly enrolled and sudo/ssh work, so I am not locked out of my systems. Ensuring that replication works seems good and popular. Of course I can check that all services are running and ports respond.

What are the most common ways for FreeIPA to break?

Thoughts?

Álex

--
   ___
 {~._.~}
  ( Y )
 ()~*~()  mail: alex at corcoles dot net


_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org




--
Best regards, Andrew.