[Freeipa-users] Issue while setting up Replication
Rob Crittenden
rcritten at redhat.com
Mon Apr 1 17:15:13 UTC 2013
Chandan Kumar wrote:
> Hello,
>
> I am new to FreeIPA so far I have setup the Server and few test clients,
> all went really smooth. However, I am having hard time in setting up the
> replication and any help will great!.
>
> I am using CentOS 6.4. Package Info
>
> ipa-server-3.0.0-26.el6_4.2.x86_64
> 389-ds-base-1.2.11.15-12.el6_4.x86_64
>
> I followed the steps mentioned in
>
> http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Multi_Master_Replication.html
FYI, these are very out-of-date.
> When I try to setup the replica with the replica prepare file from the
> master with --skip-conneccheck (because krb is not running on UDP ports)
I don't understand, you got an error about KRB not running on the UDP ports?
> ipa-replica-install /var/lib/ipa/replica-info-ipa02.ma.net.gpg
> --skip-conncheck.
>
> At the end I get below error
>
> -----------------------------------------
> [22/31]: setting up initial replication
> Starting replication, please wait until this has completed.
> [ipa01.ma.net <http://ipa01.ma.net>] reports: Update failed! Status: [-1
> - LDAP error: Can't contact LDAP server]
Well, something is blocking the connection, or the server on ipa01 isn't
running. This is a really low-level networking error.
>
> I also find similar error reported while setting up ipa on Fedora 18 at
> https://www.redhat.com/archives/freeipa-users/2013-February/msg00440.html
>
> But could not find its resolution.
We never heard back from the user. You're saying you see the same error?
> I am able to connect to the 389/636 port from the slave. Firewall is off
> on both ends and hostnames resolves properly.
On ipa02 you might try:
$ ldapsearch -x -H ldap://ipa01.ma.net -s base -b '' namingContexts
You might also try wireshark to monitor the connection request.
rob
More information about the Freeipa-users
mailing list