[Freeipa-users] strange replica creation problem

Janelle janellenicole80 at gmail.com
Mon Nov 17 17:26:24 UTC 2014 

I did find that as the work-around - just trying to understand why it 
comes up sometimes...
Did you find any issues with the workings of a replica if you had to 
resort to this method?

Thanks.

~J

On 11/17/14 10:57 AM, Craig White wrote:
>
> Janelle, this may not be that useful but I found it worthwhile to 
> resort to…
>
> –skip-conncheck
>
> When setting up the replica – pretty much for the same reason.
>
> Craig White
>
> System Administrator
>
> O623-201-8179 M602-377-9752
>
> cid:image001.png at 01CF86FE.42D51630
>
> SkyTouch Technology 4225 E. Windrose Dr.     Phoenix, AZ 85032
>
> *From:*freeipa-users-bounces at redhat.com 
> [mailto:freeipa-users-bounces at redhat.com] *On Behalf Of *Janelle
> *Sent:* Monday, November 17, 2014 7:43 AM
> *To:* freeipa-users at redhat.com
> *Subject:* [Freeipa-users] strange replica creation problem
>
> Happy Monday everyone,
>
> I have a strange issue I am seeing with replica creations, but it does 
> not seem to be consistent.  Sometimes, when trying to install the 
> replica I get errors trying to connect to the master via SSH:
>
> /[root at ipa3 ~]# ipa-replica-install 
> /var/lib/ipa/replica-info-ipa3.xyzzy.com.gpg
> Directory Manager (existing master) password:
>
> Run connection check to master
> Check connection from replica to remote master 'ipa2.xyzzy.com':
>    Directory Service: Unsecure port (389): OK
>    Directory Service: Secure port (636): OK
>    Kerberos KDC: TCP (88): OK
>    Kerberos Kpasswd: TCP (464): OK
>    HTTP Server: Unsecure port (80): OK
>    HTTP Server: Secure port (443): OK
>
> The following list of ports use UDP protocol and would need to be
> checked manually:
>    Kerberos KDC: UDP (88): SKIPPED
>    Kerberos Kpasswd: UDP (464): SKIPPED
>
> Connection from replica to master is OK.
> Start listening on required ports for remote master check
> Get credentials to log in to remote master
> admin at XYZZY.COM <mailto:admin at XYZZY.COM> password:
>
> Check SSH connection to remote master
> admin at ipa2.xyzzy.com <mailto:admin at ipa2.xyzzy.com>'s password:
> admin at ipa2.xyzzy.com <mailto:admin at ipa2.xyzzy.com>'s password:
> Could not SSH into remote host. Error output:
>     OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
>     debug1: Reading configuration data /etc/ssh/ssh_config
>     debug1: /etc/ssh/ssh_config line 51: Applying options for */
>
>
> ssh via root and all the hosts - using keys - works just fine. I don't 
> understand why this is happening on some hosts and not others.
>
>
> Any ideas?
> ~J
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141117/e1567c45/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 7660 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141117/e1567c45/attachment.png>

More information about the Freeipa-users mailing list