On 12/15/2014 10:16 AM, dbisc...@hrz.uni-kassel.de wrote: > Hi, > > On Tue, 25 Nov 2014, Rich Megginson wrote: > >> On 11/25/2014 12:32 PM, dbisc...@hrz.uni-kassel.de wrote: >>> >>> with the help of Thierry and Rich I managed to debug the running ns-slapd on >>> Server1 (see below). The failing attempt of decoding the SASL data returns a >>> not very fruitful "-1" (SASL_FAIL, "generic failure"). >>> >>> Any ideas? Short summary: >>> >>> Server1 = running IPA server >>> Server2 = intended IPA replica >>> >>> Both machines run the exact same, up-to-date version of CentOS 6.6. However: >>> I had to run "ipa-replica-install" _without_ the option "--setup-ca" (didn't >>> work, installation failed with some obscure Perl error), so there's no >>> ns-slapd instance running for PKI-IPA. May this be related? >> [...] >> At this point, it's going to take more than a trivial amount of high latency >> back-and-forth on the mailling lists. I think we have probably run out of >> log levels for you to try. Please open a ticket against IPA. While this may >> turn out to be a bug in 389, at the moment it is only reproducible in your >> IPA environment. >> [...] > > I've opened Ticket #4807 > https://fedorahosted.org/freeipa/ticket/4807 > on this issue.
Thanks. See my comment https://fedorahosted.org/freeipa/ticket/4807#comment:1 - as mentioned in the thread, we will need more data/cooperation to continue with this one. Thanks, Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
