On 5/13/15 9:13 AM, Rich Megginson wrote:
On 05/13/2015 10:04 AM, Janelle wrote:
On 5/13/15 8:49 AM, Rich Megginson wrote:
On 05/13/2015 09:40 AM, Janelle wrote:
Recently I started seeing these crop up across my servers:

slapi_ldap_bind - Error: could not bind id [cn=Replication Manager masterAgreement1-ipa01.example.com-pki-tomcat,ou=csusers,cn=config] authentication mechanism [SIMPLE]: error 32 (No such object) errno 0 (Success)

Does that entry exist?

ldapsearch -xLLL -h consumer.host -D "cn=directory manager" -W -s base -b "cn=Replication Manager masterAgreement1-ipa01.example.com-pki-tomcat,ou=csusers,cn=config"

Does the parent exist?

ldapsearch -xLLL -h consumer.host -D "cn=directory manager" -W -s base -b "ou=csusers,cn=config"

I am finding that there does seem to be a relation to the above error and a possible CSN issue:

Can't locate CSN 555131e5000200190000 in the changelog (DB rc=-30988). If replication stops, the consumer may need to be reinitialized.

I guess what concerns me is what could be causing this. We don't do a lot of changes all the time.

And in answer to the question above - we seem to have last the agreement somehow:

No such object (32)


Is there a DEL operation in the access log for "cn=Replication Manager masterAgreement1-ipa01.example.com-pki-tomcat,ou=csusers,cn=config"?

maybe something like

# grep DEL /var/log/dirsrv/slapd-INST/access|grep -i "Replication Manager"

nope -- none of the servers have it.

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to