Hi i have problem with freeipa replica installation log:
Starting replication, please wait until this has completed.
Update in progress, 12 seconds elapsed
[ldap://freeipa.mydomain.com:389] reports: Update failed! Status: [Error (-11)
connection error: Unknown connection error (-11) - Total update aborted]
[error] RuntimeError: Failed to start replication
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
Failed to start replication
The ipa-replica-install command failed. See /var/log/ipareplica-install.log for
more information
---------------------------------------- var/log/ipareplica-install.log
-------------------------------------------------------
2023-05-24T10:14:50Z DEBUG Waiting up to 300 seconds for replication
(ldapi://%2Frun%2Fslapd-MY-DOMAIN.COM.socket)
cn=meTofreeipa.mydomain.com,cn=replica,cn=dc\=xxx-poland\,dc\=com\,dc\=pl,cn=mapping
tree,cn=config (objectclass=*)
2023-05-24T10:14:50Z DEBUG Entry found
[LDAPEntry(ipapython.dn.DN('cn=meTofreeipa.mydomain.com,cn=replica,cn=dc\=xxx-com\,dc\=com\,dc\=pl,cn=mapping
tree,cn=config'), {'objectClass': [b'nsds5replicationagreement', b'top'],
'cn': [b'meTofreeipa.mydomain.com'], 'nsDS5ReplicaHost':
[b'freeipa.mydomain.com'], 'nsDS5ReplicaPort': [b'389'], 'nsds5replicaTimeout':
[b'120'], 'nsDS5ReplicaRoot': [b'dc=mydomain,dc=com,dc=pl'], 'description':
[b'me to freeipa.mydomain.com'], 'nsDS5ReplicatedAttributeList':
[b'(objectclass=*) $ EXCLUDE memberof idnssoaserial entryusn
krblastsuccessfulauth krblastfailedauth krbloginfailedcount
passwordgraceusertime'], 'nsDS5ReplicaTransportInfo': [b'LDAP'],
'nsDS5ReplicaBindMethod': [b'SASL/GSSAPI'], 'nsds5ReplicaStripAttrs':
[b'modifiersName modifyTimestamp internalModifiersName
internalModifyTimestamp'], 'nsDS5ReplicatedAttributeListTotal':
[b'(objectclass=*) $ EXCLUDE entryusn krblastsuccessfulauth krblastfailedauth
krbloginfailedcount passwordgraceusertime'],
'nsds5replicareapactive': [b'0'], 'nsds5replicaLastUpdateStart':
[b'19700101000000Z'], 'nsds5replicaLastUpdateEnd': [b'19700101000000Z'],
'nsds5replicaChangesSentSinceStartup': [b''], 'nsds5replicaLastUpdateStatus':
[b'Error (0) No replication sessions started since server startup'],
'nsds5replicaLastUpdateStatusJSON': [b'{"state": "green", "ldap_rc": "0",
"ldap_rc_text": "success", "repl_rc": "0", "repl_rc_text": "replica acquired",
"date": "2023-05-24T10:14:50Z", "message": "Error (0) No replication sessions
started since server startup"}'], 'nsds5replicaUpdateInProgress': [b'FALSE'],
'nsds5replicaLastInitStart': [b'19700101000000Z'], 'nsds5replicaLastInitEnd':
[b'19700101000000Z']})]
2023-05-24T10:15:04Z DEBUG Traceback (most recent call last):
File "/usr/lib/python3.9/site-packages/ipaserver/install/service.py", line
686, in start_creation
run_step(full_msg, method)
File "/usr/lib/python3.9/site-packages/ipaserver/install/service.py", line
672, in run_step
method()
File "/usr/lib/python3.9/site-packages/ipaserver/install/dsinstance.py", line
430, in __setup_replica
repl.setup_promote_replication(
File "/usr/lib/python3.9/site-packages/ipaserver/install/replication.py",
line 1930, in setup_promote_replication
raise RuntimeError("Failed to start replication")
RuntimeError: Failed to start replication
2023-05-24T10:15:04Z DEBUG [error] RuntimeError: Failed to start replication
2023-05-24T10:15:04Z DEBUG Destroyed connection context.ldap2_140645096151696
2023-05-24T10:15:04Z DEBUG Backing up system configuration file
'/etc/ipa/default.conf'
2023-05-24T10:15:04Z DEBUG Saving Index File to
'/var/lib/ipa/sysrestore/sysrestore.index'
2023-05-24T10:15:04Z DEBUG Writing configuration file /etc/ipa/default.conf
2023-05-24T10:15:04Z DEBUG [global]
basedn = dc=mydomain,dc=com,dc=pl
host = freeipa-replica.mydomain.com
realm = My.REALM.COM
domain = mydomain.com
xmlrpc_uri = https://freeipa-replica.mydomain.com/ipa/xml
ldap_uri = ldapi://%2Frun%2Fslapd-MY-DOMAIN-COM.socket
mode = production
enable_ra = True
ra_plugin = dogtag
dogtag_version = 10
ca_host = freeipa.mydomain.com
2023-05-24T10:15:04Z DEBUG File
"/usr/lib/python3.9/site-packages/ipapython/admintool.py", line 180, in execute
return_value = self.run()
File "/usr/lib/python3.9/site-packages/ipapython/install/cli.py", line 344,
in run
return cfgr.run()
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 360,
in run
return self.execute()
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 386,
in execute
for rval in self._executor():
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 431,
in __runner
exc_handler(exc_info)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 460,
in _handle_execute_exception
self._handle_exception(exc_info)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 450,
in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python3.9/site-packages/six.py", line 709, in reraise
raise value
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 421,
in __runner
step()
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 418,
in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python3.9/site-packages/ipapython/install/util.py", line 81,
in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python3.9/site-packages/six.py", line 709, in reraise
raise value
File "/usr/lib/python3.9/site-packages/ipapython/install/util.py", line 59,
in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 655,
in _configure
next(executor)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 431,
in __runner
exc_handler(exc_info)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 460,
in _handle_execute_exception
self._handle_exception(exc_info)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 518,
in _handle_exception
self.__parent._handle_exception(exc_info)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 450,
in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python3.9/site-packages/six.py", line 709, in reraise
raise value
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 515,
in _handle_exception
super(ComponentBase, self)._handle_exception(exc_info)
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 450,
in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python3.9/site-packages/six.py", line 709, in reraise
raise value
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 421,
in __runner
step()
File "/usr/lib/python3.9/site-packages/ipapython/install/core.py", line 418,
in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python3.9/site-packages/ipapython/install/util.py", line 81,
in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python3.9/site-packages/six.py", line 709, in reraise
raise value
File "/usr/lib/python3.9/site-packages/ipapython/install/util.py", line 59,
in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python3.9/site-packages/ipapython/install/common.py", line 65,
in _install
for unused in self._installer(self.parent):
File "/usr/lib/python3.9/site-packages/ipaserver/install/server/__init__.py",
line 599, in main
replica_install(self)
File
"/usr/lib/python3.9/site-packages/ipaserver/install/server/replicainstall.py",
line 401, in decorated
func(installer)
File
"/usr/lib/python3.9/site-packages/ipaserver/install/server/replicainstall.py",
line 1267, in install
ds = install_replica_ds(config, options, ca_enabled,
File
"/usr/lib/python3.9/site-packages/ipaserver/install/server/replicainstall.py",
line 100, in install_replica_ds
ds.create_replica(
File "/usr/lib/python3.9/site-packages/ipaserver/install/dsinstance.py", line
398, in create_replica
self.start_creation(runtime=30)
File "/usr/lib/python3.9/site-packages/ipaserver/install/service.py", line
686, in start_creation
run_step(full_msg, method)
File "/usr/lib/python3.9/site-packages/ipaserver/install/service.py", line
672, in run_step
method()
File "/usr/lib/python3.9/site-packages/ipaserver/install/dsinstance.py", line
430, in __setup_replica
repl.setup_promote_replication(
File "/usr/lib/python3.9/site-packages/ipaserver/install/replication.py",
line 1930, in setup_promote_replication
raise RuntimeError("Failed to start replication")
2023-05-24T10:15:04Z DEBUG The ipa-replica-install command failed, exception:
RuntimeError: Failed to start replication
2023-05-24T10:15:04Z ERROR Failed to start replication
2023-05-24T10:15:04Z ERROR The ipa-replica-install command failed. See
/var/log/ipareplica-install.log for more information
---------------------------------------- master:
/var/log/dirsrv/slapd-MY-DOMAIN.COM/error
-------------------------------------------------------
[24/May/2023:11:47:02.653622389 +0200] - ERR - NSMMReplicationPlugin -
bind_and_check_pwp - agmt="cn=meTofreeipa-replica.mydomain.com"
(freeipa-replica:389) - Replication bind
with GSSAPI auth failed: LDAP error 49 (Invalid credentials)
()
[24/May/2023:11:47:08.700315039 +0200] - ERR - NSMMReplicationPlugin -
bind_and_check_pwp - agmt="cn=meTofreeipa-replica.mydomain.com"
(freeipa-replica:389) - Replication bind
with GSSAPI auth failed: LDAP error -1 (Can't contact LDAP
server) ()
[24/May/2023:11:47:16.774918557 +0200] - INFO - NSMMReplicationPlugin -
bind_and_check_pwp - agmt="cn=meTofreeipa-replica.mydomain.com"
(freeipa-replica:389): Replication bind
with GSSAPI auth resumed
[24/May/2023:11:47:17.035351907 +0200] - INFO - NSMMReplicationPlugin -
repl5_tot_run - Beginning total update of replica
"agmt="cn=meTofreeipa-replica.mydomain.com" (freeipa-r
eplica:389)".
[24/May/2023:11:47:29.357889007 +0200] - ERR - NSMMReplicationPlugin -
repl5_tot_log_operation_failure - agmt="cn=meTofreeipa-replica.mydomain.com"
(freeipa-replica:389): Recei
ved error -1 (Can't contact LDAP server): for total update operation
[24/May/2023:11:47:29.361891385 +0200] - ERR - NSMMReplicationPlugin -
release_replica - agmt="cn=meTofreeipa-replica.mydomain.com"
(freeipa-replica:389): Unable to send endRep
lication extended operation (Can't contact LDAP server)
[24/May/2023:11:47:29.363050079 +0200] - ERR - NSMMReplicationPlugin -
repl5_tot_run - Total update failed for replica
"agmt="cn=meTofreeipa-replica.mydomain.com" (freeipa-repl
ica:389)", error (-11)
[24/May/2023:11:47:29.382502138 +0200] - INFO - NSMMReplicationPlugin -
bind_and_check_pwp - agmt="cn=meTofreeipa-replica.mydomain.com"
(freeipa-replica:389): Replication bind
with GSSAPI auth resumed
---------------------------------------- About system
-------------------------------------------------------
Mater and Replica:
Os: Rocky Linux 9.2
IPA: 4.10.1
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
