Hello, I'm running ipa on centos 7.3 with the latest patches applied.
It seem to run fine however the ipa-dnskeysyncd keeps failing to start and I keep seeing this message in my logs: ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind... python2[25663]: GSSAPI client step 1 python2[25663]: GSSAPI client step 1 ns-slapd[2569]: GSSAPI server step 1 python2[25663]: GSSAPI client step 1 ns-slapd[2569]: GSSAPI server step 2 python2[25663]: GSSAPI client step 2 ns-slapd[2569]: GSSAPI server step 3 ipa-dnskeysyncd[25663]: ipa : INFO Commencing sync process ipa-dnskeysyncd[25663]: ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO Initial LDAP dump is done, sychronizing with ODS and BIND python2[25674]: GSSAPI client step 1 python2[25674]: GSSAPI client step 1 ns-slapd[2569]: GSSAPI server step 1 python2[25674]: GSSAPI client step 1 ns-slapd[2569]: GSSAPI server step 2 python2[25674]: GSSAPI client step 2 ns-slapd[2569]: GSSAPI server step 3 ipa-dnskeysyncd[25663]: Traceback (most recent call last): ipa-dnskeysyncd[25663]: File "/usr/libexec/ipa/ipa-dnskeysyncd", line 110, in <module> ipa-dnskeysyncd[25663]: while ldap_connection.syncrepl_poll(all=1, msgid=ldap_search): ipa-dnskeysyncd[25663]: File "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line 405, in syncrepl_poll ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone() ipa-dnskeysyncd[25663]: File "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line 115, in syncrepl_refreshdone ipa-dnskeysyncd[25663]: self.hsm_replica_sync() ipa-dnskeysyncd[25663]: File "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line 181, in hsm_replica_sync ipa-dnskeysyncd[25663]: ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA]) ipa-dnskeysyncd[25663]: File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 494, in run ipa-dnskeysyncd[25663]: raise CalledProcessError(p.returncode, arg_string, str(output)) ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero exit status 1 systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited, status=1/FAILURE systemd[1]: Unit ipa-dnskeysyncd.service entered failed state. systemd[1]: ipa-dnskeysyncd.service failed. for some reason the ipa-dnskeysyncd keeops crashing. Anybody know where to start looking for this one ? Rob Verduijn
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project