[Freeipa-users] cannot connect to ldaps during replica install, port 636 not listening

Martin Basti mbasti at redhat.com
Thu Mar 2 08:48:29 UTC 2017



On 02.03.2017 01:07, Chris Herdt wrote:
> I am attempting to set up a FreeIPA 4.4.0 replica on CentOS 7.3 from a 
> FreeIPA 3.0.0 master on CentOS 6.8 following the steps at 
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrading.html
>
> At this step:
> ipa-replica-install --ip-address=xxx.xxx.xxx.xxx --mkhomedir 
> /var/lib/ipa/replica-info-replicaname.example.com.gpg
>
> I get the error:
> ERROR cannot connect to 'ldaps://master.example.com'
>
> I ran ipa-replica-conncheck and found that port 636 is not accessible:
> Port check failed! Inaccessible port(s): 636 (TCP)
>
> The port is not blocked. I'm wondering where in the configuration for 
> FreeIPA 3.0.0 I should check the LDAPS (mis)configuration, or if there 
> is a way I can specify to use port 389 for setting up the replica.
>
> Thanks!
>
> -- 
> Chris Herdt
> Systems Administrator
>
>

Hello,
this is a known issue only in FreeIPA 4.4.x; it will be fixed in the next 
minor update, which should be released soon to RHEL 7.3 (I don't know how 
fast it will be in CentOS).

So you can wait, or enable it manually (not nice).

Sorry for the trouble,
Martin