[Freeipa-users] server 1 cannot syn update to server 2 after restart

barrykfl at gmail.com barrykfl at gmail.com
Tue Apr 26 11:26:27 UTC 2016 

server 2 can syn update to server 1 but reverse fail

Any idea? error below:

Can't contact LDAP server



[26/Apr/2016:18:40:13 +0800] - Skipping CoS Definition cn=Password
Policy,cn=accounts,dc=ABC,dc=com--no CoS Templates found, which should be
added before the CoS Definition.
[26/Apr/2016:18:40:19 +0800] - Skipping CoS Definition cn=Password
Policy,cn=accounts,dc=ABC,dc=com--no CoS Templates found, which should be
added before the CoS Definition.
[26/Apr/2016:18:40:19 +0800] set_krb5_creds - Could not get initial
credentials for principal [ldap/central.ABC.com at ABC.COM] in keytab
[FILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC for
requested realm)
[26/Apr/2016:18:40:19 +0800] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2
(Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS
failure.  Minor code may provide more information (Credentials cache file
'/tmp/krb5cc_492' not found)) errno 0 (Success)
[26/Apr/2016:18:40:19 +0800] slapi_ldap_bind - Error: could not perform
interactive bind for id [] mech [GSSAPI]: error -2 (Local error)
[26/Apr/2016:18:40:19 +0800] NSMMReplicationPlugin - agmt="cn=
meTocentral02.ABC.com" (central02:389): Replication bind with GSSAPI auth
failed: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI
Error: Unspecified GSS failure.  Minor code may provide more information
(Credentials cache file '/tmp/krb5cc_492' not found))
[26/Apr/2016:18:40:19 +0800] - slapd started.  Listening on All Interfaces
port 389 for LDAP requests
[26/Apr/2016:18:40:19 +0800] - Listening on /var/run/slapd-ABC-COM.socket
for LDAPI requests
[26/Apr/2016:18:40:23 +0800] NSMMReplicationPlugin - agmt="cn=
meTocentral02.ABC.com" (central02:389): Replication bind with GSSAPI auth
resumed
[26/Apr/2016:18:40:23 +0800] NSMMReplicationPlugin - agmt="cn=
meTocentral02.ABC.com" (central02:389): Missing data encountered
[26/Apr/2016:18:40:23 +0800] NSMMReplicationPlugin - agmt="cn=
meTocentral02.ABC.com" (central02:389): Incremental update failed and
requires administrator action

>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160426/e97f4a31/attachment.htm>

More information about the Freeipa-users mailing list