It started working after a few minutes. On Sat, Feb 9, 2013 at 9:34 PM, Rajnesh Kumar Siwal <rajnesh.si...@gmail.com> wrote: > We have setup an IPA replica server on the environment using the > following command:- > #ipa-replica-install --setup-dns --setup-ca --forwarder=192.168.1.204 > /var/lib/ipa/replica-info-ipa2.labs.local.gpg > > There is a client authenticating against it. > If I shutdown the ipa1 (Master server), the client does not falls back > and authenticate against ipa2 (the replica) > > Logs that can be seen at IPA2 :- > [09/Feb/2013:15:52:50 +0000] slapi_ldap_bind - Error: could not > perform interactive bind for id [] mech [GSSAPI]: error -1 (Can't > contact LDAP server) > [09/Feb/2013:15:56:02 +0000] slapd_ldap_sasl_interactive_bind - Error: > could not perform interactive bind for id [] mech [GSSAPI]: LDAP error > -1 (Can't contact LDAP server) ((null)) errno 107 (Transport endpoint > is not connected) > [09/Feb/2013:15:56:02 +0000] slapi_ldap_bind - Error: could not > perform interactive bind for id [] mech [GSSAPI]: error -1 (Can't > contact LDAP server) > > > nslookup from the IPA client :- > [root@testvm ~]# nslookup -type=srv _kerberos._tcp.labs.local > Server: 192.168.1.207 > Address: 192.168.1.207#53 > > _kerberos._tcp.labs.local service = 0 100 88 ipa2.labs.local. > _kerberos._tcp.labs.local service = 0 100 88 ipa.labs.local. > --------------------------------------------------------------------------------------------------------------------------------------- > > Please suggest how to use ipa2 for authentication purpose. > > -- > Regards, > Rajnesh Kumar Siwal
-- Regards, Rajnesh Kumar Siwal _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users