Chandan Kumar wrote:
Hello,
I am new to FreeIPA so far I have setup the Server and few test clients,
all went really smooth. However, I am having hard time in setting up the
replication and any help will great!.
I am using CentOS 6.4. Package Info
ipa-server-3.0.0-26.el6_4.2.x86_64
389-ds-base-1.2.11.15-12.el6_4.x86_64
I followed the steps mentioned in
http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Multi_Master_Replication.html
FYI, these are very out-of-date.
When I try to setup the replica with the replica prepare file from the
master with --skip-conneccheck (because krb is not running on UDP ports)
I don't understand, you got an error about KRB not running on the UDP ports?
ipa-replica-install /var/lib/ipa/replica-info-ipa02.ma.net.gpg
--skip-conncheck.
At the end I get below error
-----------------------------------------
[22/31]: setting up initial replication
Starting replication, please wait until this has completed.
[ipa01.ma.net <http://ipa01.ma.net>] reports: Update failed! Status: [-1
- LDAP error: Can't contact LDAP server]
Well, something is blocking the connection, or the server on ipa01 isn't
running. This is a really low-level networking error.
I also find similar error reported while setting up ipa on Fedora 18 at
https://www.redhat.com/archives/freeipa-users/2013-February/msg00440.html
But could not find its resolution.
We never heard back from the user. You're saying you see the same error?
I am able to connect to the 389/636 port from the slave. Firewall is off
on both ends and hostnames resolves properly.
On ipa02 you might try:
$ ldapsearch -x -H ldap://ipa01.ma.net -s base -b '' namingContexts
You might also try wireshark to monitor the connection request.
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
