[Freeipa-users] Replica install breaking ...

Fri Jul 15 21:57:35 UTC 2011

Does anyone have an idea why this isn't working?

If fixing this one is too hard, is there clean process I can follow to suck the data out of this installation, for implanting into a new one?

The only hard thing I've done so far is connect Zimbra and I'm reasonably sure I can re-do that, because I doc'd it when I did it (here, in fact).

David L. Willson
Trainer, Engineer, Enthusiast
RHCE MCT MCSE Network+ A+ Linux+ LPIC-1 NovellCLA UbuntuCP
tel://720.333.LANS
Freedom is better when you earn it. Learn Linux.

----- Original Message -----
> From: "David L. Willson" <DLWillson at thegeek.nu>
> To: "freeipa-users" <freeipa-users at redhat.com>
> Sent: Saturday, July 9, 2011 1:02:37 PM
> Subject: Re: [Freeipa-users] Replica install breaking on DS step 23 of 27	(master-entry.ldif)
> 
> Second round of tries today.
> I've tried dropping the firewall on both servers, and disabling
> enforcement for SELinux, and a full yum upgrade.
> No change in the symptoms so far... :-(
> Attached is /var/log/ipa* and below is my console output.
> Any hints? Clues? Links to things I should know to read?
> -------------------------------------------------------------
> [rmsel-admin at vizzini ~]$ sudo ipa-replica-install --setup-dns
> --forwarder=205.171.3.65 --forwarder=205.171.2.65
> replica-info-vizzini.rmsel.org.gpg
> Directory Manager (existing master) password:
> 
> Configuring ntpd
>   [1/4]: stopping ntpd
>   [2/4]: writing configuration
>   [3/4]: configuring ntpd to start on boot
>   [4/4]: starting ntpd
> done configuring ntpd.
> Configuring directory server: Estimated time 1 minute
>   [1/27]: creating directory server user
>   [2/27]: creating directory server instance
>   [3/27]: adding default schema
>   [4/27]: enabling memberof plugin
>   [5/27]: enabling referential integrity plugin
>   [6/27]: enabling winsync plugin
>   [7/27]: configuring replication version plugin
>   [8/27]: enabling IPA enrollment plugin
>   [9/27]: enabling ldapi
>   [10/27]: configuring uniqueness plugin
>   [11/27]: configuring uuid plugin
>   [12/27]: configuring modrdn plugin
>   [13/27]: enabling entryUSN plugin
>   [14/27]: configuring lockout plugin
>   [15/27]: creating indices
>   [16/27]: configuring ssl for ds instance
>   [17/27]: configuring certmap.conf
>   [18/27]: configure autobind for root
>   [19/27]: restarting directory server
>   [20/27]: setting up initial replication
> Starting replication, please wait until this has completed.
> Update in progress
> Update in progress
> Update in progress
> Update in progress
> Update in progress
> Update succeeded
>   [21/27]: adding replication acis
>   [22/27]: initializing group membership
>   [23/27]: adding master entry
> root        : CRITICAL Failed to load master-entry.ldif: Command
> '/usr/bin/ldapmodify -h vizzini.rmsel.org -v -f /tmp/tmp0uC6BQ -x -D
> cn=Directory Manager -y /tmp/tmp4KPcxN' returned non-zero exit
> status 32
>   [24/27]: configuring Posix uid/gid generation
>   [25/27]: enabling compatibility plugin
>   [26/27]: tuning directory server
> Custom file limits are already set! Skipping
> 
>   [27/27]: configuring directory to start on boot
> done configuring dirsrv.
> Configuring Kerberos KDC: Estimated time 30 seconds
>   [1/10]: adding sasl mappings to the directory
>   [2/10]: writing stash file from DS
>   [3/10]: configuring KDC
>   [4/10]: creating a keytab for the directory
> creation of replica failed: [Errno 2] No such file or directory:
> '/etc/dirsrv/ds.keytab'
> 
> Your system may be partly configured.
> Run /usr/sbin/ipa-server-install --uninstall to clean up.
> 
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users