[Freeipa-users] Failed to setup replica, slapi_ldap_bind fails
Filip Pytloun
filip at pytloun.cz
Mon Feb 8 17:05:05 UTC 2016
Hello,
I have a weird issue setting up FreeIPA replica. Conncheck passes fine
but at the end of ipa-replica-install I always get following error:
slapi_ldap_bind -Error: could not send startTLS request: error -11
(Connect error) errno 0 (Success)
on both master and replica without any further explanation in logs.
/etc/ldap.conf is correctly setup before ipa-replica-install and IPA CA
certificate is installed in system CA bundle so TLS should work just
fine.
Also I can manually connect just fine from replica to master and back so
it's not a network or LDAP client issue.
Replica agreement looks like this: http://pastebin.com/FT3p3KUk
freeipa-server 4.1.4
389-ds 1.3.4.5
Has anyone idea where to look at?
Filip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160208/45df1a19/attachment.sig>
More information about the Freeipa-users
mailing list