<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 12/20/2012 04:04 AM, Nate Marks wrote:
<blockquote
cite="mid:CAHM9UcGSOGZiWD7EMPDpdrKxaUxphTDieAy9TrRCLwybDs1W9A@mail.gmail.com"
type="cite">I'm struggling with this output from
ipa-replica-manage against an AD machine. Can anyone tell me what
the '-11 -System Error means? Thanks!<br>
<br>
<br>
Added CA certificate
/etc/openldap/cacerts/testdc.testdomain.corp_testdomain-TESTDC-CA.crt
to certificate database for ipa01.inframax.ncare<br>
ipa: INFO: AD Suffix is: DC=testdomain,DC=corp<br>
The user for the Windows PassSync service is
uid=passsync,cn=sysaccounts,cn=etc,dc=inframax,dc=ncare<br>
Windows PassSync entry exists, not resetting password<br>
ipa: INFO: Added new sync agreement, waiting for it to become
ready . . .<br>
ipa: INFO: Replication Update in progress: FALSE: status: -11 -
System error: start: 0: end: 0<br>
ipa: INFO: Agreement is ready, starting replication . . .<br>
Starting replication, please wait until this has completed.<br>
[ipa01.inframax.ncare] reports: Update failed! Status: [-11 -
System error]<br>
Failed to start replication<br>
</blockquote>
<br>
What's in the 389 errors log
/var/log/dirsrv/slapd-YOUR-DOMAIN/errors from around this time?<br>
<br>
<blockquote
cite="mid:CAHM9UcGSOGZiWD7EMPDpdrKxaUxphTDieAy9TrRCLwybDs1W9A@mail.gmail.com"
type="cite"><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Freeipa-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre>
</blockquote>
<br>
</body>
</html>