[Freeipa-users] New replica won't accept replication

Rob Crittenden rcritten at redhat.com
Wed May 21 15:04:05 UTC 2014 

Bret Wortman wrote:
> This occurs on our first attempt to join as a replica. I've erased this
> box and rebaselined it but the same thing happens. No network ports
> being blocked that we know of, and another replica I created at the same
> time installed its replica file without issue.
> 
> asipa is the new replica, zsipa is the ca and original master on which
> the replica file was created.
> 
>   [24/34]: setting up initial replication
> Starting replication, please wait until this has completed
> Update in progress, 130 seconds elapsed
> Update in progress yet not in progress
> 
> [ipamaster.foo.net] reports: Update failed! Status: [10 Total update
> abortedLDAP error: Referral]
> 
> 
> Your system may be partly configured.
> Run /usr/sbin/ipa-server-install --uninstall to clean up.
> 
> Failed to start replication
> #
> 
> /var/log/ipareplica-install.log contains this:
> 
> 2014-05-21T145:28:56Z DEBUG retrieving schema for SchemaCache
> url=ldaps://asipa.fopo.net:636 conn=<ldap.ldapobject.SimpleLDAPObject
> instance at 0x4faf170>
> 2014-05-21T14:31:08Z DEBUG   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py",
> line 638, in run_script
>     return_value = main_function()
> 
>   File "/usr/sbin/ipa-replica-install", line 663, in main
>     ds = install_replica_ds(config)
> 
>   File "/usr/sbin/ipa-replica-install", line 188, in install_replica_ds
>     ca_file=config.dir + "/ca.crt",
> 
>   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line
> 360 in create_replica
>     self.start_creation(runtime=60)
> 
>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> line 364, in start_creation
>     method()
> 
>   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line
> 373, in __setup_replica
>     r_bindpw=self.dm_password()
> 
>   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py",
> line 961, in setup_replication
>     raise RuntimeError("Failed to start replication")
> 
> 2014-0521T14:31:08Z DEBUG The ipa-replica-install command failed,
> exception: RuntimeError: Failed to start replication
> 
> Any guidance on where to start looking?

Check the 389-ds access and error logs on both masters.

rob

More information about the Freeipa-users mailing list