The dirsrv log just shows a bunch of the following:
[13/Oct/2017:14:32:07.132312021 -0600] - ERR - slapi_ldap_bind - Error:
could not bind id [cn=Replication Manager cloneAgreement1-ipa
2.chem.byu.edu-pki-tomcat,ou=csusers,cn=config] authentication mechanism
[SIMPLE]: error 32 (No such object)

That makes sense though since pki-tomcat won't start.  Rob was asking what
was in the logs located at /var/log/pki/pki-tomcat/ca/debug, but that path
doesn't exist on any of my IPA servers.  He said that would normally be the
first place to look.  Hence, I am looking for other solutions.

On Thu, Oct 26, 2017 at 12:37 PM, Jochen Hein <joc...@jochen.org> wrote:

> Kristian Petersen via FreeIPA-users
> <freeipa-users@lists.fedorahosted.org> writes:
>
> > When I recently updated one of my IPA servers (it reports
> > 4.5.0-21.el7_4.1.2 in yum), the result was that it could not start back
> up
> > because pki-tomcatd kept failing.  I was able to get it running for now
> by
> > ignoring the failure of that one service, but I haven't been able to to
> > determine the cause.  The logs are pretty quiet on this one.  They show
> the
> > failure itself, but not information that helps me fix the problem.
>
> Can you show the relevant logs?  Is there something in the dirsrv logs
> at that time?  CA logs aren't easy to read, but should give at least a
> hint where to look further.
>
> Jochen
>
> --
> This space is intentionally left blank.
>



-- 
Kristian Petersen
System Administrator
Dept. of Chemistry and Biochemistry
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to