[Freeipa-users] Replica install breaking ...
Rob Crittenden
rcritten at redhat.com
Fri Jul 15 22:30:01 UTC 2011
David L. Willson wrote:
> Does anyone have an idea why this isn't working?
>
> If fixing this one is too hard, is there clean process I can follow to suck the data out of this installation, for implanting into a new one?
>
> The only hard thing I've done so far is connect Zimbra and I'm reasonably sure I can re-do that, because I doc'd it when I did it (here, in fact).
>
> David L. Willson
> Trainer, Engineer, Enthusiast
> RHCE MCT MCSE Network+ A+ Linux+ LPIC-1 NovellCLA UbuntuCP
> tel://720.333.LANS
> Freedom is better when you earn it. Learn Linux.
>
> ----- Original Message -----
>> From: "David L. Willson"<DLWillson at thegeek.nu>
>> To: "freeipa-users"<freeipa-users at redhat.com>
>> Sent: Saturday, July 9, 2011 1:02:37 PM
>> Subject: Re: [Freeipa-users] Replica install breaking on DS step 23 of 27 (master-entry.ldif)
>>
>> Second round of tries today.
>> I've tried dropping the firewall on both servers, and disabling
>> enforcement for SELinux, and a full yum upgrade.
>> No change in the symptoms so far... :-(
>> Attached is /var/log/ipa* and below is my console output.
>> Any hints? Clues? Links to things I should know to read?
>> -------------------------------------------------------------
>> [rmsel-admin at vizzini ~]$ sudo ipa-replica-install --setup-dns
>> --forwarder=205.171.3.65 --forwarder=205.171.2.65
>> replica-info-vizzini.rmsel.org.gpg
>> Directory Manager (existing master) password:
>>
>> Configuring ntpd
>> [1/4]: stopping ntpd
>> [2/4]: writing configuration
>> [3/4]: configuring ntpd to start on boot
>> [4/4]: starting ntpd
>> done configuring ntpd.
>> Configuring directory server: Estimated time 1 minute
>> [1/27]: creating directory server user
>> [2/27]: creating directory server instance
>> [3/27]: adding default schema
>> [4/27]: enabling memberof plugin
>> [5/27]: enabling referential integrity plugin
>> [6/27]: enabling winsync plugin
>> [7/27]: configuring replication version plugin
>> [8/27]: enabling IPA enrollment plugin
>> [9/27]: enabling ldapi
>> [10/27]: configuring uniqueness plugin
>> [11/27]: configuring uuid plugin
>> [12/27]: configuring modrdn plugin
>> [13/27]: enabling entryUSN plugin
>> [14/27]: configuring lockout plugin
>> [15/27]: creating indices
>> [16/27]: configuring ssl for ds instance
>> [17/27]: configuring certmap.conf
>> [18/27]: configure autobind for root
>> [19/27]: restarting directory server
>> [20/27]: setting up initial replication
>> Starting replication, please wait until this has completed.
>> Update in progress
>> Update in progress
>> Update in progress
>> Update in progress
>> Update in progress
>> Update succeeded
>> [21/27]: adding replication acis
>> [22/27]: initializing group membership
>> [23/27]: adding master entry
>> root : CRITICAL Failed to load master-entry.ldif: Command
>> '/usr/bin/ldapmodify -h vizzini.rmsel.org -v -f /tmp/tmp0uC6BQ -x -D
>> cn=Directory Manager -y /tmp/tmp4KPcxN' returned non-zero exit
>> status 32
>> [24/27]: configuring Posix uid/gid generation
>> [25/27]: enabling compatibility plugin
>> [26/27]: tuning directory server
>> Custom file limits are already set! Skipping
>>
>> [27/27]: configuring directory to start on boot
>> done configuring dirsrv.
>> Configuring Kerberos KDC: Estimated time 30 seconds
>> [1/10]: adding sasl mappings to the directory
>> [2/10]: writing stash file from DS
>> [3/10]: configuring KDC
>> [4/10]: creating a keytab for the directory
>> creation of replica failed: [Errno 2] No such file or directory:
>> '/etc/dirsrv/ds.keytab'
>>
>> Your system may be partly configured.
>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
It is failing trying to create the ldap principal:
add_principal: Principal add failed: No such object while creating
"ldap/vizzini.rmsel.org at RMSEL.ORG".
Can you look in the 389-ds access log on that machine to see what wasn't
found?
rob
More information about the Freeipa-users
mailing list