David L. Willson wrote:
Does anyone have an idea why this isn't working?

If fixing this one is too hard, is there clean process I can follow to suck the 
data out of this installation, for implanting into a new one?

The only hard thing I've done so far is connect Zimbra and I'm reasonably sure 
I can re-do that, because I doc'd it when I did it (here, in fact).

David L. Willson
Trainer, Engineer, Enthusiast
RHCE MCT MCSE Network+ A+ Linux+ LPIC-1 NovellCLA UbuntuCP
tel://720.333.LANS
Freedom is better when you earn it. Learn Linux.

----- Original Message -----
From: "David L. Willson"<dlwill...@thegeek.nu>
To: "freeipa-users"<freeipa-users@redhat.com>
Sent: Saturday, July 9, 2011 1:02:37 PM
Subject: Re: [Freeipa-users] Replica install breaking on DS step 23 of 27       
(master-entry.ldif)

Second round of tries today.
I've tried dropping the firewall on both servers, and disabling
enforcement for SELinux, and a full yum upgrade.
No change in the symptoms so far... :-(
Attached is /var/log/ipa* and below is my console output.
Any hints? Clues? Links to things I should know to read?
-------------------------------------------------------------
[rmsel-admin@vizzini ~]$ sudo ipa-replica-install --setup-dns
--forwarder=205.171.3.65 --forwarder=205.171.2.65
replica-info-vizzini.rmsel.org.gpg
Directory Manager (existing master) password:

Configuring ntpd
   [1/4]: stopping ntpd
   [2/4]: writing configuration
   [3/4]: configuring ntpd to start on boot
   [4/4]: starting ntpd
done configuring ntpd.
Configuring directory server: Estimated time 1 minute
   [1/27]: creating directory server user
   [2/27]: creating directory server instance
   [3/27]: adding default schema
   [4/27]: enabling memberof plugin
   [5/27]: enabling referential integrity plugin
   [6/27]: enabling winsync plugin
   [7/27]: configuring replication version plugin
   [8/27]: enabling IPA enrollment plugin
   [9/27]: enabling ldapi
   [10/27]: configuring uniqueness plugin
   [11/27]: configuring uuid plugin
   [12/27]: configuring modrdn plugin
   [13/27]: enabling entryUSN plugin
   [14/27]: configuring lockout plugin
   [15/27]: creating indices
   [16/27]: configuring ssl for ds instance
   [17/27]: configuring certmap.conf
   [18/27]: configure autobind for root
   [19/27]: restarting directory server
   [20/27]: setting up initial replication
Starting replication, please wait until this has completed.
Update in progress
Update in progress
Update in progress
Update in progress
Update in progress
Update succeeded
   [21/27]: adding replication acis
   [22/27]: initializing group membership
   [23/27]: adding master entry
root        : CRITICAL Failed to load master-entry.ldif: Command
'/usr/bin/ldapmodify -h vizzini.rmsel.org -v -f /tmp/tmp0uC6BQ -x -D
cn=Directory Manager -y /tmp/tmp4KPcxN' returned non-zero exit
status 32
   [24/27]: configuring Posix uid/gid generation
   [25/27]: enabling compatibility plugin
   [26/27]: tuning directory server
Custom file limits are already set! Skipping

   [27/27]: configuring directory to start on boot
done configuring dirsrv.
Configuring Kerberos KDC: Estimated time 30 seconds
   [1/10]: adding sasl mappings to the directory
   [2/10]: writing stash file from DS
   [3/10]: configuring KDC
   [4/10]: creating a keytab for the directory
creation of replica failed: [Errno 2] No such file or directory:
'/etc/dirsrv/ds.keytab'

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.

It is failing trying to create the ldap principal:

add_principal: Principal add failed: No such object while creating "ldap/vizzini.rmsel....@rmsel.org".

Can you look in the 389-ds access log on that machine to see what wasn't found?

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to