[Freeipa-users] can't create winsync replication

Rich Megginson rmeggins at redhat.com
Fri Jan 31 21:29:55 UTC 2014


On 01/31/2014 02:09 PM, Todd Maugh wrote:
> Thank you for the reply. Here is the output of the first command. I'm 
> going to run the second now and will reply with that as well
>  LDAPTLS_CACERTDIR=/etc/dirsrv/slapd-BOINGO-COM/ ldapsearch -d 1 -LLLx 
> -ZZ -H ldap://qatestdc2.boingoqa.local -b "cn=idm 
> admin,cn=users,dc=boingoqa,dc=local" -D  "cn=idm 
> admin,cn=users,dc=boingoqa,dc=local" -W 'objectclass=*' dn
> ldap_url_parse_ext(ldap://qatestdc2.boingoqa.local)
> ldap_create
> ldap_url_parse_ext(ldap://qatestdc2.boingoqa.local:389/??base)
> ldap_extended_operation_s
> ldap_extended_operation
> ldap_send_initial_request
> ldap_new_connection 1 1 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP qatestdc2.boingoqa.local:389
> ldap_new_socket: 3
> ldap_prepare_socket: 3
> ldap_connect_to_host: Trying 10.194.55.48:389
> ldap_pvt_connect: fd: 3 tm: -1 async: 0
> ldap_open_defconn: successful
> ldap_send_server_request
> ber_scanf fmt ({it) ber:
> ber_scanf fmt ({) ber:
> ber_flush2: 31 bytes to sd 3
> ldap_result ld 0x260a160 msgid 1
> wait4msg ld 0x260a160 msgid 1 (infinite timeout)
> wait4msg continue ld 0x260a160 msgid 1 all 1
> ** ld 0x260a160 Connections:
> * host: qatestdc2.boingoqa.local  port: 389  (default)
>   refcnt: 2  status: Connected
>   last used: Fri Jan 31 21:07:43 2014
>
>
> ** ld 0x260a160 Outstanding Requests:
>  * msgid 1,  origid 1, status InProgress
>    outstanding referrals 0, parent count 0
>   ld 0x260a160 request count 1 (abandoned 0)
> ** ld 0x260a160 Response Queue:
>    Empty
>   ld 0x260a160 response count 0
> ldap_chkResponseList ld 0x260a160 msgid 1 all 1
> ldap_chkResponseList returns ld 0x260a160 NULL
> ldap_int_select
> read1msg: ld 0x260a160 msgid 1 all 1
> ber_get_next
> ber_get_next: tag 0x30 len 40 contents:
> read1msg: ld 0x260a160 msgid 1 message type extended-result
> ber_scanf fmt ({eAA) ber:
> read1msg: ld 0x260a160 0 new referrals
> read1msg:  mark request completed, ld 0x260a160 msgid 1
> request done: ld 0x260a160 msgid 1
> res_errno: 0, res_error: <>, res_matched: <>
> ldap_free_request (origid 1, msgid 1)
> ldap_parse_extended_result
> ber_scanf fmt ({eAA) ber:
> ber_scanf fmt (a) ber:
> ldap_parse_result
> ber_scanf fmt ({iAA) ber:
> ber_scanf fmt (x) ber:
> ber_scanf fmt (}) ber:
> ldap_msgfree
> TLS: certdb config: configDir='/etc/dirsrv/slapd-BOINGO-COM/' 
> tokenDescription='ldap(0)' certPrefix='' keyPrefix='' flags=readOnly
> TLS: using moznss security dir /etc/dirsrv/slapd-BOINGO-COM/ prefix .
> TLS: loaded CA certificate file /etc/ipa/ca.crt.

Can you provide your /etc/openldap/ldap.conf?

> TLS: certificate [CN=QATESTDC2.boingoqa.local] is not valid - error 
> -8179:Peer's Certificate issuer is not recognized..

This is saying QATESTDC2.boingoqa.local cannot be resolved - or the IP 
address does not match.

This is usually a problem, but perhaps you have set your ldap.conf to 
continue despite this problem?

> TLS certificate verification: subject: CN=QATESTDC2.boingoqa.local, 
> issuer: CN=SKYWARPCA,DC=boingoqa,DC=local, cipher: AES-128, security 
> level: high, secret key bits: 128, total key bits: 128, cache hits: 0, 
> cache misses: 0, cache not reusable: 0
> Enter LDAP Password:
> ldap_sasl_bind
> ldap_send_initial_request
> ldap_send_server_request
> ber_scanf fmt ({it) ber:
> ber_scanf fmt ({i) ber:
> ber_flush2: 65 bytes to sd 3
> ldap_result ld 0x260a160 msgid 2
> wait4msg ld 0x260a160 msgid 2 (infinite timeout)
> wait4msg continue ld 0x260a160 msgid 2 all 1
> ** ld 0x260a160 Connections:
> * host: qatestdc2.boingoqa.local  port: 389  (default)
>   refcnt: 2  status: Connected
>   last used: Fri Jan 31 21:07:50 2014
>
>
> ** ld 0x260a160 Outstanding Requests:
>  * msgid 2,  origid 2, status InProgress
>    outstanding referrals 0, parent count 0
>   ld 0x260a160 request count 1 (abandoned 0)
> ** ld 0x260a160 Response Queue:
>    Empty
>   ld 0x260a160 response count 0
> ldap_chkResponseList ld 0x260a160 msgid 2 all 1
> ldap_chkResponseList returns ld 0x260a160 NULL
> ldap_int_select
> read1msg: ld 0x260a160 msgid 2 all 1
> ber_get_next
> ber_get_next: tag 0x30 len 16 contents:
> read1msg: ld 0x260a160 msgid 2 message type bind
> ber_scanf fmt ({eAA) ber:
> read1msg: ld 0x260a160 0 new referrals
> read1msg:  mark request completed, ld 0x260a160 msgid 2
> request done: ld 0x260a160 msgid 2
> res_errno: 0, res_error: <>, res_matched: <>
> ldap_free_request (origid 2, msgid 2)
> ldap_parse_result
> ber_scanf fmt ({iAA) ber:
> ber_scanf fmt (}) ber:
> ldap_msgfree
> ldap_search_ext
> put_filter: "objectclass=*"
> put_filter: default
> put_simple_filter: "objectclass=*"
> ldap_send_initial_request
> ldap_send_server_request
> ber_scanf fmt ({it) ber:
> ber_scanf fmt ({) ber:
> ber_flush2: 85 bytes to sd 3
> ldap_result ld 0x260a160 msgid -1
> wait4msg ld 0x260a160 msgid -1 (infinite timeout)
> wait4msg continue ld 0x260a160 msgid -1 all 0
> ** ld 0x260a160 Connections:
> * host: qatestdc2.boingoqa.local  port: 389  (default)
>   refcnt: 2  status: Connected
>   last used: Fri Jan 31 21:07:50 2014
>
>
> ** ld 0x260a160 Outstanding Requests:
>  * msgid 3,  origid 3, status InProgress
>    outstanding referrals 0, parent count 0
>   ld 0x260a160 request count 1 (abandoned 0)
> ** ld 0x260a160 Response Queue:
>    Empty
>   ld 0x260a160 response count 0
> ldap_chkResponseList ld 0x260a160 msgid -1 all 0
> ldap_chkResponseList returns ld 0x260a160 NULL
> ldap_int_select
> read1msg: ld 0x260a160 msgid -1 all 0
> ber_get_next
> ber_get_next: tag 0x30 len 59 contents:
> read1msg: ld 0x260a160 msgid 3 message type search-entry
> ldap_get_dn_ber
> ber_scanf fmt ({ml{) ber:
> dn: CN=IDM ADMIN,CN=Users,DC=boingoqa,DC=local
> ber_scanf fmt ({xx) ber:
> ldap_get_attribute_ber
> ldap_msgfree
> ldap_result ld 0x260a160 msgid -1
> wait4msg ld 0x260a160 msgid -1 (infinite timeout)
> wait4msg continue ld 0x260a160 msgid -1 all 0
> ** ld 0x260a160 Connections:
> * host: qatestdc2.boingoqa.local  port: 389  (default)
>   refcnt: 2  status: Connected
>   last used: Fri Jan 31 21:07:50 2014
>
>
> ** ld 0x260a160 Outstanding Requests:
>  * msgid 3,  origid 3, status InProgress
>    outstanding referrals 0, parent count 0
>   ld 0x260a160 request count 1 (abandoned 0)
> ** ld 0x260a160 Response Queue:
>    Empty
>   ld 0x260a160 response count 0
> ldap_chkResponseList ld 0x260a160 msgid -1 all 0
> ldap_chkResponseList returns ld 0x260a160 NULL
> read1msg: ld 0x260a160 msgid -1 all 0
> ber_get_next
> ber_get_next: tag 0x30 len 16 contents:
> read1msg: ld 0x260a160 msgid 3 message type search-result
> ber_scanf fmt ({eAA) ber:
> read1msg: ld 0x260a160 0 new referrals
> read1msg:  mark request completed, ld 0x260a160 msgid 3
> request done: ld 0x260a160 msgid 3
> res_errno: 0, res_error: <>, res_matched: <>
> ldap_free_request (origid 3, msgid 3)
>
> ldap_parse_result
> ber_scanf fmt ({iAA) ber:
> ber_scanf fmt (}) ber:
> ldap_msgfree
> ldap_free_connection 1 1
> ldap_send_unbind
> ber_flush2: 7 bytes to sd 3
> ldap_free_connection: actually freed
>
>
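
Added example, not part of the original message or of FreeIPA/OpenLDAP: the trace above logs a certificate verification failure and then still goes on to bind, which is what the reply's question about ldap.conf is probing. This Python sketch reads the `TLS_REQCERT` level from an ldap.conf (the sample file contents are constructed; the thread never shows the real one) and checks whether a debug trace shows a bind after a failed certificate check.

```python
import re

# Levels under which libldap keeps going after a bad server certificate
# (ldap.conf(5): "never" skips the check, "allow" proceeds despite a bad cert).
PERMISSIVE = {"never", "allow"}
CERT_ERR = re.compile(r"TLS: certificate \[([^\]]+)\] is not valid - error (-?\d+)")

def effective_reqcert(conf_text, env=None):
    """TLS_REQCERT level from ldap.conf text; LDAPTLS_REQCERT in env overrides it."""
    level = "demand"  # documented default when the option is not set
    for line in conf_text.splitlines():
        parts = line.split()
        # Option names are case-insensitive; "#" comment lines never match.
        if len(parts) >= 2 and parts[0].upper() == "TLS_REQCERT":
            level = parts[1].lower()  # assumption: a later line replaces an earlier one
    if env and env.get("LDAPTLS_REQCERT"):
        level = env["LDAPTLS_REQCERT"].lower()
    return level

def bind_after_cert_error(trace):
    """(subject, error code) if a bind follows a failed certificate check, else None."""
    failed = None
    for line in trace.splitlines():
        line = line.lstrip("> ").strip()  # tolerate mail quoting
        m = CERT_ERR.search(line)
        if m:
            failed = (m.group(1), int(m.group(2)))
        elif failed and line.startswith("ldap_sasl_bind"):
            return failed
    return None

def config_explains_trace(conf_text, trace, env=None):
    """True when the trace continued past a bad cert and the config permits that."""
    return bind_after_cert_error(trace) is not None and \
        effective_reqcert(conf_text, env) in PERMISSIVE

# Lines copied from the trace quoted in the message above, with the mail
# client's line wrap undone so each log record sits on one line.
TRACE = """\
> TLS: certificate [CN=QATESTDC2.boingoqa.local] is not valid - error -8179:Peer's Certificate issuer is not recognized..
> Enter LDAP Password:
> ldap_sasl_bind
"""
# Constructed ldap.conf contents; the thread does not show the real file.
SAMPLE_CONF = "TLS_CACERT /etc/ipa/ca.crt\nTLS_REQCERT allow\n"

if __name__ == "__main__":
    print(bind_after_cert_error(TRACE), effective_reqcert(SAMPLE_CONF))
```

If the file reports `demand` while the trace still shows a bind after the error, the permissive setting is coming from somewhere else, such as a per-user `ldaprc` or the environment.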
