<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 06/21/2013 02:39 PM, Joshua J.
Kugler wrote:<br>
</div>
<blockquote cite="mid:1392279.d0LL815NkN@hosanna" type="cite">
<pre wrap="">On Friday, June 21, 2013 09:26:36 Rob Crittenden wrote:
</pre>
<blockquote type="cite">
<pre wrap="">We'd need to see /var/log/ipareplica-install.log to see what the LDAP
error is. If you look on the remote master DS access log it may have
additional information on what was requested.
</pre>
</blockquote>
<pre wrap="">
Logs attached.
10.10.0.50 is the new replica.
No metion the new replica in the error logs. At least not that I can see.</pre>
</blockquote>
2013-06-21T20:12:12Z INFO The ipa-replica-install command failed,
exception: PROTOCOL_ERROR: {'info': 'unsupported extended
operation', 'desc': 'Protocol error'}<br>
<br>
This is from here:<br>
<br>
slapd-PKI-CA.access.log<br>
[21/Jun/2013:13:26:54 -0700] conn=53 fd=64 slot=64 connection from
10.10.0.50 to 10.10.0.4<br>
[21/Jun/2013:13:26:54 -0700] conn=53 op=0 EXT
oid="1.3.6.1.4.1.1466.20037"<br>
[21/Jun/2013:13:26:54 -0700] conn=53 op=0 RESULT err=2 tag=120
nentries=0 etime=0<br>
[21/Jun/2013:13:26:54 -0700] conn=53 op=1 UNBIND<br>
<br>
The server cannot respond to the startTLS request - which means the
server has not been configured for TLS/SSL.<br>
<br>
<blockquote cite="mid:1392279.d0LL815NkN@hosanna" type="cite">
<pre wrap="">
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Freeipa-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre>
</blockquote>
<br>
</body>
</html>