[Freeipa-users] No LDAPS for dirsrv
Thomas Raehalme
thomas.raehalme at codecenter.fi
Wed Feb 18 08:10:27 UTC 2015
On Wed, Feb 18, 2015 at 9:34 AM, Alexander Bokovoy <abokovoy at redhat.com>
wrote:
>
> Unfortunately this still didn't resolve the issue. After the system has
>> been online for about 10 minutes, named starts complaining:
>> Also ldapsearch just hangs if you try to perform any queries.
>> Any ideas what could go wrong here?
>>
> So, can you get us a backtrace again?
>
Here is a summary of what is going on:
After a fresh start of IPA master with 'ipactl start' the system goes wrong
after 5-10 minutes.
What happens first is that KDC stops responding:
kinit thomas.raehalme
kinit: Cannot contact any KDC for realm 'EXAMPLE.COM' while getting initial
credentials
LDAP is still operational, however. It can be verified with ldapsearch.
Finally, after total of 15 minutes LDAP is also not responding:
Feb 18 10:00:12 ipa named[7410]: LDAP query timed out. Try to adjust
"timeout" parameter
Now I took some stacktraces which I will e-mail to you and Rob directly.
When I then try to stop dirsrv, it responds but seems to wait indefinitely:
[18/Feb/2015:10:03:03 +0200] - slapd shutting down - signaling operation
threads
[18/Feb/2015:10:03:03 +0200] - slapd shutting down - waiting for 30 threads
to terminate
I took two stacktraces from this situation as well.
Best regards,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150218/9d5f46a8/attachment.htm>
More information about the Freeipa-users
mailing list