[Freeipa-users] strange replica install error (another one)
Janelle
janellenicole80 at gmail.com
Thu Dec 4 04:02:39 UTC 2014
Thanks -- still a bit strange that it did not show up on some servers -
vary random and intermittent.
BTW - a bit of information others might find useful. If you try to use
the "LDAP" portion of IPA for authentication - rather than fulling
installing the IPA client and using Kerberos - the servers running
ds-389 do not do well in handling the load. In other words - a few
hundred hosts trying to authenticate via LDAP only will send CPU through
the roof and crashes the slapd process often. Since IPA is supposed to
handle all options, I guess I am disappointed.
regards
~J
On 12/3/14 2:56 PM, Dmitri Pal wrote:
> On 12/03/2014 04:40 PM, Janelle wrote:
>> Here is a bit of baffling one on 4.0.5:
>>
>> Replica install p11-kit???
>
> This is a part of the DNSSEC set of packages.
>
>>
>> Connection from master to replica is OK.
>>
>> Connection check OK
>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported
>> attribute
>> Configuring NTP daemon (ntpd)
>> [1/4]: stopping ntpd
>> [2/4]: writing configuration
>> ...
>>
>> Your system may be partly configured.
>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>
>> LDAP error: UNWILLING_TO_PERFORM
>> database is read-only
>>
>>
>> Thoughts?
>> ~J
>>
>
>
More information about the Freeipa-users
mailing list