[Freeipa-users] Trouble creating replica

Bret Wortman bret.wortman at damascusgrp.com
Tue Feb 19 19:01:21 UTC 2013


No, can't telnet to 7389 or 9444 either one:

[root at ipamaster]# telnet oldmaster.my.com 7389
Trying 10.0.0.42...
telnet: connect to address 10.0.0.42: Connection refused
[root at ipamaster]#

I do note that I only have packages called dogtag-*-theme installed:

[root at oldmaster]# yum list "*dogtag*"
Loaded plugins: langpacks, presto, refresh-packagekit
Installed Packages
dogtag-pki-ca-theme.noarch                  9.0.11-1.fc17       @fedora
dogtag-pki-common-theme.noarch              9.0.11-1.fc17       @fedora
Available Packages
dogtag-pki.noarch                           9.0.0-13.fc17       @fedora
:

I also noticed that, according to /var/log/pki-ca/catalina.out and
/var/log/pki-ca/debug, this hasn't successfully run since 05-Feb. And no,
I'm not sure what happened on that day to change things, but I'm trying to
find out. (At least, I assume this logdir relates to dogtag....)



Bret Wortman
http://damascusgrp.com/
http://bretwortman.com/
http://twitter.com/BretWortman


On Tue, Feb 19, 2013 at 1:26 PM, Rob Crittenden <rcritten at redhat.com> wrote:

> Natxo Asenjo wrote:
>
>> On Tue, Feb 19, 2013 at 5:58 PM, Bret Wortman
>> <bret.wortman at damascusgrp.com>
>> wrote:
>>
>>     Digging a bit deeper, I found this in /var/log/pki-ca/catalina.out:
>>
>>     :
>>     Could not connect to LDAP server host oldmaster.my.com port 7389 Error
>>
>>     netscape.ldap.LDAPException: failed to connect to server
>>     ldap://oldmaster.my.com:7389 (91)
>>
>>
>>     This certainly appears to be a problem, but everyone's
>>     authenticating against oldmaster just fine. Thoughts, anyone?
>>
>>
>> Can you connect to that port (7389) on oldmaster.my.com from the other
>> replica? (try telnetting to the port: telnet oldmaster.my.com 7389)
>>
>
> 7389 is the port in the 389-ds instance used by dogtag. Is the instance
> running on oldmaster?
>
> It isn't used for authentication which is why you aren't seeing problems
> with clients.
>
> rob