I found it! dirsrv listens on ipv6 only. I had set net.ipv6.conf.all.disable_ipv6 and net.ipv6.conf.all.disable_ipv6 to 0, but apparently forgot to make the change permanent, so after the reboot ipv6 was disabled.
On Thu, 17 Nov 2022 at 18:50, Roberto Cornacchia < [email protected]> wrote: > This, however, works: > > # ldapsearch -H ldap://localhost:389 -x uid=roberto > # extended LDIF > # > # LDAPv3 > # base <dc=hq,dc=spinque,dc=com> (default) with scope subtree > # filter: uid=roberto > # requesting: ALL > # > > # roberto, users, compat, hq.spinque.com > dn: uid=roberto,cn=users,cn=compat,dc=hq,dc=spinque,dc=com > [.. omitted ..] > > > On Thu, 17 Nov 2022 at 18:44, Roberto Cornacchia < > [email protected]> wrote: > >> >>> You still have a replication agreement, and until its removed you will >>> keep seeing these messages. However it's not related to this issue though. >>> >> >> Good to know. I hope there is a way to force removal of that agreement. >> >>> - sometimes, but not always, this log also shows: >>> ERR - bdb_version_write - Could not open file >>> "/dev/shm/slapd-HQ-SPINQUE-COM/DBVERSION" for writing Netscape Portable >>> Runtime -5950 (File not found.) >>> >>> This might happen after a system reboot. It should be safe to ignore as >>> long as the server still starts :) >>> >> Again, good to know, thanks >> >>> So looking at the error log it looks like the server is started. Schema >>> compat plugin is doing its initialization which is very resource intensive, >>> but the server should still be working. >>> >>> Try doing a ldapsearch just to see if it's responding: >>> >>> ldapsearch -H ldap://localhost:389 -b "" -s base -D "cn=directory >>> manager" -W >>> >> Ouch, I don't have the directory manager password with me at the moment, >> I'll have to wait till tomorrow when I go to the office. >> The server is up and listening: >> >> # netstat -tulnp | grep 389 >> tcp6 0 0 :::389 :::* >> LISTEN 3575/ns-slapd >> >> However, it's not just a slow start. >> I can start all the other services via systemctl, so things seem ok, but >> when much later I do ipactl stop I get: >> >> # ipactl stop >> Failed to read data from Directory Service: Timeout exceeded >> Shutting down >> >> So, it's really not cooperating. >> >> >>
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
