[Freeipa-users] can't add replica: failed to start the directory server
Tiemen Ruiten
t.ruiten at rdmedia.com
Thu Feb 16 17:23:30 UTC 2017
@Martin: No messages are generated in the errors log during the failed
replica install, there are some warnings, but they are generated at
different times and they don't look related.
@Jeff, I did see that on one of the existing masters the listener was
configured to be "::1". I changed it to 127.0.0.1 but no difference. I
commented the ::1 localhost entry in /etc/hosts on all three nodes, no
difference either. My journal looks the same as in the bugreport you linked:
Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.445272051 +0100] SSL alert: Security Initialization:
> Can't find certificate (Server-Cert) for family
> cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.445891468 +0100] SSL alert: Security Initialization:
> Unable to retrieve private key for cert Server-Cert of family
> cn=RSA,cn=encryption,cn=config (Netscape Po
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.446420819 +0100] SSL failure: None of the cipher are
> valid
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.446913819 +0100] ERROR: SSL2 Initialization Failed.
> Disabling SSL2.
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.447550894 +0100] 389-Directory/1.3.5.10
> B2017.017.2314 starting up
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.460575142 +0100] default_mr_indexer_create: warning -
> plugin [caseIgnoreIA5Match] does not handle caseExactIA5Match
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.470162594 +0100] Can't find certificate Server-Cert
> in attrcrypt_fetch_private_key: -8174 - security library: bad database.
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.470985550 +0100] Can't get private key from cert
> Server-Cert in attrcrypt_fetch_private_key: -8174 - security library: bad
> database.
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.471763716 +0100] Error: unable to initialize
> attrcrypt system for userRoot
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.472487718 +0100] start: Failed to start databases,
> err=-1 BDB0092 Unknown error: -1
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.473207435 +0100] Failed to start database plugin ldbm
> database
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.475663288 +0100] WARNING: ldbm instance userRoot
> already exists
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.476418009 +0100] ldbm_config_read_instance_entries:
> failed to add instance entry cn=userRoot,cn=ldbm
> database,cn=plugins,cn=config
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.477152165 +0100] ldbm_config_load_dse_info: failed to
> read instance entries
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.477915898 +0100] start: Loading database
> configuration failed
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.478593267 +0100] Failed to start database plugin ldbm
> database
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.479243074 +0100] Error: Failed to resolve plugin
> dependencies
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.479836990 +0100] Error: betxnpreoperation plugin
> 7-bit check is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.480476048 +0100] Error: preoperation plugin Account
> Usability Plugin is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.481116304 +0100] Error: accesscontrol plugin ACL
> Plugin is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.482357723 +0100] Error: preoperation plugin ACL
> preoperation is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.483158681 +0100] Error: betxnpreoperation plugin Auto
> Membership Plugin is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.483763046 +0100] Error: object plugin Class of
> Service is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.484398389 +0100] Error: preoperation plugin deref is
> not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.485001277 +0100] Error: preoperation plugin HTTP
> Client is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.485612725 +0100] Error: preoperation plugin IPA DNS
> is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.486187470 +0100] Error: object plugin IPA Lockout is
> not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.486740705 +0100] Error: betxnpostoperation plugin IPA
> MODRDN is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.487279020 +0100] Error: object plugin IPA Topology
> Configuration is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.487830515 +0100] Error: preoperation plugin IPA UUID
> is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.488373342 +0100] Error: preoperation plugin
> ipa-winsync is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.488953343 +0100] Error: extendedop plugin
> ipa_enrollment_extop is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.489516092 +0100] Error: preoperation plugin
> ipaUniqueID uniqueness is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.490054133 +0100] Error: preoperation plugin
> krbCanonicalName uniqueness is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.490606671 +0100] Error: preoperation plugin
> krbPrincipalName uniqueness is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.491143361 +0100] Error: database plugin ldbm database
> is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.491698168 +0100] Error: object plugin Legacy
> Replication Plugin is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.492236304 +0100] Error: betxnpreoperation plugin
> Linked Attributes is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.492790717 +0100] Error: betxnpreoperation plugin
> Managed Entries is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.493383474 +0100] Error: betxnpostoperation plugin
> MemberOf Plugin is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.493949979 +0100] Error: object plugin Multimaster
> Replication Plugin is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.495205267 +0100] Error: preoperation plugin netgroup
> uniqueness is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.496041114 +0100] Error: betxnpostoperation plugin
> referential integrity postoperation is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.496686920 +0100] Error: object plugin Roles Plugin is
> not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.497192324 +0100] Error: preoperation plugin sudorule
> name uniqueness is not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.497704125 +0100] Error: object plugin USN is not
> started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.498202061 +0100] Error: object plugin Views is not
> started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com ns-slapd[6200]:
> [16/Feb/2017:18:12:05.498711263 +0100] Error: extendedop plugin whoami is
> not started
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com systemd[1]:
> dirsrv at IPA-RDMEDIA-COM.service: main process exited, code=exited,
> status=1/FAILURE
> Feb 16 18:12:05 copernicum.ipa.rdmedia.com systemd[1]: Failed to start
> 389 Directory Server IPA-RDMEDIA-COM..
On 16 February 2017 at 17:29, Jeff Goddard <jgoddard at emerlyn.com> wrote:
> Might be another instance of this: https://fedorahosted.org/
> freeipa/ticket/6613
>
> Jeff
>
> On Thu, Feb 16, 2017 at 11:21 AM, Tiemen Ruiten <t.ruiten at rdmedia.com>
> wrote:
>
>> Hello,
>>
>> I'm trying to add a third replica to a FreeIPA 4.4 domain (level 1), but
>> I'm getting this error:
>>
>> [tiemen at copernicum ~]$ sudo ipa-replica-install -P admin -w "XXXXXXXXXX"
>>> --mkhomedir --setup-dns --forwarder 8.8.8.8 --forwarder 8.8.4.4
>>> Checking DNS forwarders, please wait ...
>>> Run connection check to master
>>> Connection check OK
>>> Configuring NTP daemon (ntpd)
>>> [1/4]: stopping ntpd
>>> [2/4]: writing configuration
>>> [3/4]: configuring ntpd to start on boot
>>> [4/4]: starting ntpd
>>> Done configuring NTP daemon (ntpd).
>>> Configuring directory server (dirsrv). Estimated time: 1 minute
>>> [1/44]: creating directory server user
>>> [2/44]: creating directory server instance
>>> [3/44]: updating configuration in dse.ldif
>>> [4/44]: restarting directory server
>>> [5/44]: adding default schema
>>> [6/44]: enabling memberof plugin
>>> [7/44]: enabling winsync plugin
>>> [8/44]: configuring replication version plugin
>>> [9/44]: enabling IPA enrollment plugin
>>> [10/44]: enabling ldapi
>>> [11/44]: configuring uniqueness plugin
>>> [12/44]: configuring uuid plugin
>>> [13/44]: configuring modrdn plugin
>>> [14/44]: configuring DNS plugin
>>> [15/44]: enabling entryUSN plugin
>>> [16/44]: configuring lockout plugin
>>> [17/44]: configuring topology plugin
>>> [18/44]: creating indices
>>> [19/44]: enabling referential integrity plugin
>>> [20/44]: configuring certmap.conf
>>> [21/44]: configure autobind for root
>>> [22/44]: configure new location for managed entries
>>> [23/44]: configure dirsrv ccache
>>> [24/44]: enabling SASL mapping fallback
>>> [25/44]: restarting directory server
>>> [26/44]: creating DS keytab
>>> [27/44]: retrieving DS Certificate
>>> [28/44]: restarting directory server
>>> ipa : CRITICAL Failed to restart the directory server (Command
>>> '/bin/systemctl restart dirsrv at IPA-RDMEDIA-COM.service' returned
>>> non-zero exit status 1). See the installation log for details.
>>> [29/44]: setting up initial replication
>>> [error] error: [Errno 111] Connection refused
>>> Your system may be partly configured.
>>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>> ipa.ipapython.install.cli.install_tool(Replica): ERROR [Errno 111]
>>> Connection refused
>>> ipa.ipapython.install.cli.install_tool(Replica): ERROR The
>>> ipa-replica-install command failed. See /var/log/ipareplica-install.log
>>> for more information
>>
>>
>> In /var/log/ipareplica-install.log we find:
>>
>> 2017-02-16T15:53:59Z DEBUG [27/44]: retrieving DS Certificate
>>> 2017-02-16T15:53:59Z DEBUG Loading Index file from
>>> '/var/lib/ipa/sysrestore/sysrestore.index'
>>> 2017-02-16T15:53:59Z DEBUG Starting external process
>>> 2017-02-16T15:53:59Z DEBUG args=/usr/bin/certutil -d
>>> /etc/dirsrv/slapd-IPA-RDMEDIA-COM/ -L -n IPA.RDMEDIA.COM IPA CA -a
>>> 2017-02-16T15:53:59Z DEBUG Process finished, return code=255
>>> 2017-02-16T15:53:59Z DEBUG stdout=
>>>
>>> *2017-02-16T15:53:59Z DEBUG stderr=certutil: Could not find cert:
>>> IPA.RDMEDIA.COM <http://IPA.RDMEDIA.COM> IPA CA: PR_FILE_NOT_FOUND_ERROR:
>>> File not found*
>>> 2017-02-16T15:53:59Z DEBUG Starting external process
>>> 2017-02-16T15:53:59Z DEBUG args=/usr/bin/certutil -d
>>> /etc/dirsrv/slapd-IPA-RDMEDIA-COM/ -N -f /etc/dirsrv/slapd-IPA-RDMEDIA-
>>> COM//pwdfile.txt
>>> 2017-02-16T15:53:59Z DEBUG Process finished, return code=0
>>> 2017-02-16T15:53:59Z DEBUG stdout=
>>> 2017-02-16T15:53:59Z DEBUG stderr=
>>> 2017-02-16T15:53:59Z DEBUG Starting external process
>>> 2017-02-16T15:53:59Z DEBUG args=/usr/bin/certutil -d
>>> /etc/dirsrv/slapd-IPA-RDMEDIA-COM/ -A -n IPA.RDMEDIA.COM IPA CA -t
>>> CT,C,C -a
>>> 2017-02-16T15:53:59Z DEBUG Process finished, return code=0
>>> 2017-02-16T15:53:59Z DEBUG stdout=
>>> 2017-02-16T15:53:59Z DEBUG stderr=
>>> 2017-02-16T15:53:59Z DEBUG certmonger request is in state
>>> dbus.String(u'NEWLY_ADDED_READING_KEYINFO', variant_level=1)
>>> 2017-02-16T15:54:04Z DEBUG certmonger request is in state
>>> dbus.String(u'CA_UNREACHABLE', variant_level=1)
>>> 2017-02-16T15:54:04Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-IPA-RDMEDIA-COM.socket
>>> from SchemaCache
>>> 2017-02-16T15:54:04Z DEBUG retrieving schema for SchemaCache
>>> url=ldapi://%2fvar%2frun%2fslapd-IPA-RDMEDIA-COM.socket
>>> conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x74efd40>
>>> 2017-02-16T15:54:05Z DEBUG duration: 5 seconds
>>> 2017-02-16T15:54:05Z DEBUG [28/44]: restarting directory server
>>> 2017-02-16T15:54:05Z DEBUG Starting external process
>>> 2017-02-16T15:54:05Z DEBUG args=/bin/systemctl --system daemon-reload
>>> 2017-02-16T15:54:05Z DEBUG Process finished, return code=0
>>> 2017-02-16T15:54:05Z DEBUG stdout=
>>> 2017-02-16T15:54:05Z DEBUG stderr=
>>> 2017-02-16T15:54:05Z DEBUG Starting external process
>>> 2017-02-16T15:54:05Z DEBUG args=/bin/systemctl restart
>>> dirsrv at IPA-RDMEDIA-COM.service
>>> 2017-02-16T15:54:06Z DEBUG Process finished, return code=1
>>> 2017-02-16T15:54:06Z DEBUG stdout=
>>> 2017-02-16T15:54:06Z DEBUG stderr=Job for dirsrv at IPA-RDMEDIA-COM.service
>>> failed because the control process exited with error code. See "systemctl
>>> status dirsrv at IPA-RDMEDIA-COM.service" and "journalctl -xe" for details.
>>> 2017-02-16T15:54:06Z CRITICAL Failed to restart the directory server
>>> (Command '/bin/systemctl restart dirsrv at IPA-RDMEDIA-COM.service'
>>> returned non-zero exit status 1). See the installation log for details.
>>> 2017-02-16T15:54:06Z DEBUG duration: 1 seconds
>>> 2017-02-16T15:54:06Z DEBUG [29/44]: setting up initial replication
>>> 2017-02-16T15:54:16Z DEBUG Traceback (most recent call last):
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>> line 449, in start_creation
>>> run_step(full_msg, method)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>> line 439, in run_step
>>> method()
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py",
>>> line 405, in __setup_replica
>>> self.dm_password)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py",
>>> line 118, in enable_replication_version_checking
>>> conn.do_simple_bind(bindpw=dirman_passwd)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>> 1665, in do_simple_bind
>>> self.__bind_with_wait(self.simple_bind, timeout, binddn, bindpw)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>> 1660, in __bind_with_wait
>>> self.__wait_for_connection(timeout)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>> 1643, in __wait_for_connection
>>> wait_for_open_socket(lurl.hostport, timeout)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
>>> 1286, in wait_for_open_socket
>>> raise e
>>> error: [Errno 111] Connection refused
>>> 2017-02-16T15:54:16Z DEBUG [error] error: [Errno 111] Connection
>>> refused
>>> 2017-02-16T15:54:16Z DEBUG Destroyed connection context.ldap2_78478480
>>> 2017-02-16T15:54:16Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py",
>>> line 171, in execute
>>> return_value = self.run()
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py",
>>> line 318, in run
>>> cfgr.run()
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 310, in run
>>> self.execute()
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 332, in execute
>>> for nothing in self._executor():
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 372, in __runner
>>> self._handle_exception(exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 394, in _handle_exception
>>> six.reraise(*exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 362, in __runner
>>> step()
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 359, in <lambda>
>>> step = lambda: next(self.__gen)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py",
>>> line 81, in run_generator_with_yield_from
>>> six.reraise(*exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py",
>>> line 59, in run_generator_with_yield_from
>>> value = gen.send(prev_value)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 586, in _configure
>>> next(executor)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 372, in __runner
>>> self._handle_exception(exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 449, in _handle_exception
>>> self.__parent._handle_exception(exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 394, in _handle_exception
>>> six.reraise(*exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 446, in _handle_exception
>>> super(ComponentBase, self)._handle_exception(exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 394, in _handle_exception
>>> six.reraise(*exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 362, in __runner
>>> step()
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py",
>>> line 359, in <lambda>
>>> step = lambda: next(self.__gen)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py",
>>> line 81, in run_generator_with_yield_from
>>> six.reraise(*exc_info)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py",
>>> line 59, in run_generator_with_yield_from
>>> value = gen.send(prev_value)
>>> File "/usr/lib/python2.7/site-packages/ipapython/install/common.py",
>>> line 63, in _install
>>> for nothing in self._installer(self.parent):
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
>>> line 1714, in main
>>> promote(self)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
>>> line 364, in decorated
>>> func(installer)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
>>> line 1415, in promote
>>> promote=True, pkcs12_info=dirsrv_pkcs12_info)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
>>> line 127, in install_replica_ds
>>> api=remote_api,
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py",
>>> line 399, in create_replica
>>> self.start_creation(runtime=60)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>> line 449, in start_creation
>>> run_step(full_msg, method)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>> line 439, in run_step
>>> method()
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py",
>>> line 405, in __setup_replica
>>> self.dm_password)
>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py",
>>> line 118, in enable_replication_version_checking
>>> conn.do_simple_bind(bindpw=dirman_passwd)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>> 1665, in do_simple_bind
>>> self.__bind_with_wait(self.simple_bind, timeout, binddn, bindpw)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>> 1660, in __bind_with_wait
>>> self.__wait_for_connection(timeout)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>> 1643, in __wait_for_connection
>>> wait_for_open_socket(lurl.hostport, timeout)
>>> File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
>>> 1286, in wait_for_open_socket
>>> raise e
>>> 2017-02-16T15:54:16Z DEBUG The ipa-replica-install command failed,
>>> exception: error: [Errno 111] Connection refused
>>> 2017-02-16T15:54:16Z ERROR [Errno 111] Connection refused
>>> 2017-02-16T15:54:16Z ERROR The ipa-replica-install command failed. See
>>> /var/log/ipareplica-install.log for more information
>>>
>>
>> How can I troubleshoot this?
>>
>>
>>
>> --
>> Tiemen Ruiten
>> Systems Engineer
>> R&D Media
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
>
>
>
>
>
--
Tiemen Ruiten
Systems Engineer
R&D Media
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170216/08d8da34/attachment.htm>
More information about the Freeipa-users
mailing list