[Freeipa-users] CA: Cannot add Centos7.2 replica to Centos6.8 ipa server
Georgios Kafataridis
g.kafataridis at nelios.com
Mon Sep 12 17:19:17 UTC 2016
So, does anyone understand something more than me from the logs ? Can I
search for something that can help me solve it ?
On 9/9/2016 11:26 μμ, Georgios Kafataridis wrote:
> These are fresh logs from a last attempt to create a replica
>
> Centos 7
>
> /var/log/pki/pki-tomcat/ca/debug
>
>
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: === Token Panel ===
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: === Security Domain
> Panel ===
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: Joining existing
> security domain
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: Resolving security
> domain URLhttps://ipa-server.nelios:443
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: Getting security domain
> cert chain
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: Getting install token
> [09/Sep/2016:22:59:40][http-bio-8443-exec-3]: Getting install token
> [09/Sep/2016:22:59:41][http-bio-8443-exec-3]: Getting old cookie
> [09/Sep/2016:22:59:41][http-bio-8443-exec-3]: Token: null
> [09/Sep/2016:22:59:41][http-bio-8443-exec-3]: Install token is null
> [09/Sep/2016:22:59:41][http-bio-8443-exec-3]: Failed to obtain
> installation token from security domain
>
>
> Centos 6
>
> /var/log/pki-ca/debug
>
> [09/Sep/2016:22:59:42][TP-Processor3]: GetCookie before auth, url
> =https://ipa2-server2.nelios:443/ca/admin/console/config/wizard?p=5&subsystem=CA
> [09/Sep/2016:22:59:42][TP-Processor3]: IP: 192.168.4.175
> [09/Sep/2016:22:59:42][TP-Processor3]: AuthMgrName: passwdUserDBAuthMgr
> [09/Sep/2016:22:59:42][TP-Processor3]: CMSServlet: no client
> certificate found
> [09/Sep/2016:22:59:42][TP-Processor3]: Authentication: UID=admin
> [09/Sep/2016:22:59:42][TP-Processor3]: In LdapBoundConnFactory::getConn()
> [09/Sep/2016:22:59:42][TP-Processor3]: masterConn is connected: true
> [09/Sep/2016:22:59:42][TP-Processor3]: getConn: conn is connected true
> [09/Sep/2016:22:59:42][TP-Processor3]: getConn: mNumConns now 2
> [09/Sep/2016:22:59:42][TP-Processor3]: LdapAnonConnFactory::getConn
> [09/Sep/2016:22:59:42][TP-Processor3]: LdapAnonConnFactory.getConn():
> num avail conns now 2
> [09/Sep/2016:22:59:42][TP-Processor3]: returnConn: mNumConns now 3
> [09/Sep/2016:22:59:42][TP-Processor3]: returnConn: mNumConns now 2
> [09/Sep/2016:22:59:42][TP-Processor3]: SignedAuditEventFactory:
> create()
> message=[AuditEvent=AUTH_FAIL][SubjectID=$Unidentified$][Outcome=Failure][AuthMgr=passwdUserDBAuthMgr][AttemptedCred=$Unidentified$]
> authentication failure
>
> [09/Sep/2016:22:59:42][TP-Processor3]: GetCookie authentication failed
> [09/Sep/2016:22:59:42][TP-Processor3]:
> mErrorFormPath=/admin/ca/securitydomainlogin.template
> [09/Sep/2016:22:59:42][TP-Processor3]: CMSServlet: curDate=Fri Sep 09
> 22:59:42 EEST 2016 id=caGetCookie time=39
>
> /var/log/httpd/access_log
>
> 192.168.4.175 - - [09/Sep/2016:22:59:21 +0300] "GET
> /ca/rest/securityDomain/domainInfo HTTP/1.1" 404 315
> 192.168.4.175 - - [09/Sep/2016:22:59:22 +0300] "GET
> /ca/admin/ca/getDomainXML HTTP/1.1" 200 1148
> 192.168.4.175 - - [09/Sep/2016:22:59:22 +0300] "GET
> /ca/rest/account/login HTTP/1.1" 404 303
> 192.168.4.175 - - [09/Sep/2016:22:59:41 +0300] "POST
> /ca/admin/ca/getCertChain HTTP/1.0" 200 1398
> 192.168.4.175 - - [09/Sep/2016:22:59:42 +0300] "GET
> /ca/rest/account/login HTTP/1.1" 404 303
> 192.168.4.175 - - [09/Sep/2016:22:59:42 +0300] "POST
> /ca/admin/ca/getCookie HTTP/1.1" 200 5170
>
> /var/log/httpd/error_log
>
> [Fri Sep 09 22:59:22 2016] [error] [client 192.168.4.175] File does
> not exist: /var/www/html/ca
> [Fri Sep 09 22:59:22 2016] [error] [client 192.168.4.175] File does
> not exist: /var/www/html/ca
> [Fri Sep 09 22:59:42 2016] [error] [client 192.168.4.175] File does
> not exist: /var/www/html/ca
>
>
> /var/log/pki-ca/system
>
> 5337.TP-Processor3 - [09/Sep/2016:22:59:42 EEST] [6] [6] Failed to
> authenticate as admin UID=admin. Error: netscape.ldap.LDAPException:
> error result (49)
> 5337.TP-Processor3 - [09/Sep/2016:22:59:42 EEST] [3] [3] Servlet
> caGetCookie: Error getting servlet output stream when rendering
> template. Error Invalid Credential..
>
> /var/log/pki-ca/catalina.out
>
> Sep 08, 2016 4:17:34 PM org.apache.catalina.startup.HostConfig
> deployDirectory
> INFO: Deploying web application directory ROOT
> Sep 08, 2016 4:17:34 PM org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-9180
> Sep 08, 2016 4:17:34 PM org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-9443
> Sep 08, 2016 4:17:35 PM org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-9445
> Sep 08, 2016 4:17:35 PM org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-9444
> Sep 08, 2016 4:17:35 PM org.apache.coyote.http11.Http11Protocol start
> INFO: Starting Coyote HTTP/1.1 on http-9446
> Sep 08, 2016 4:17:35 PM org.apache.jk.common.ChannelSocket init
> INFO: JK: ajp13 listening on /0.0.0.0:9447 <http://0.0.0.0:9447>
> Sep 08, 2016 4:17:35 PM org.apache.jk.server.JkMain start
> INFO: Jk running ID=0 time=0/123 config=null
> Sep 08, 2016 4:17:35 PM org.apache.catalina.startup.Catalina start
> INFO: Server startup in 8550 ms
>
> Catalina seems to not have logged anything from yesterday.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160912/dba316c1/attachment.htm>
More information about the Freeipa-users
mailing list