Just installed a fresh RHEL 6.3 VM with IPA 2.2..0-16.el6 on our new ESXi host, after preparing migration mode as well as adding necessary objectclasses, tried
to run following:
ipa -d migrate-ds ldap://openldap:389 --bind-dn=cn=Manager --group-container=ou=group --schema=RFC2307 --with-compat --group-objectclass=posixGroup


It failed promptly with this:
=====
ipa: DEBUG: approved_usage = SSLServer intended_usage = SSLServer
ipa: DEBUG: cert valid True for "CN=ipa1.sri.utoronto.ca,O=SRI.UTORONTO.CA"
ipa: DEBUG: handshake complete, peer = IP_of_ipa1:443
ipa: DEBUG: Caught fault 4203 from server http://ipa1.sri.utoronto.ca/ipa/xml: Can't contact LDAP server:
ipa: DEBUG: Destroyed connection context.xmlclient
ipa: ERROR: Can't contact LDAP server:
=====

/var/log/dirsrv/access shows:
=====
[12/Aug/2012:07:53:26 -0400] conn=81 op=6 SRCH base="cn=accounts,dc=sri,dc=utoronto,dc=ca" scope=2 filter="(&(uid=postfix)(objectClass=posixAccount))" attrs="objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn memberOf nsUniqueId modifyTimestamp entryusn shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdattribute authorizedService accountexpires useraccountcontrol nsAccountLock host logindisabled loginexpirationtime loginallowedtimemap ipaSshPubKey" [12/Aug/2012:07:53:26 -0400] conn=81 op=6 RESULT err=0 tag=101 nentries=0 etime=0
=====

Previous installation of VBox VM (RHEL 6.3 with IPA ) did not have this problem.

Please help,

Thanks,
Qing

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to