Ah, I see. I see an issue in this downstream version of IPA which prevents ipa-replica-install to report correct error.
In your case, the problem will be that either: 1) "cn=Directory Manager"'s password is not correct 2) master cannot be reached with ldapsearch (I wonder why you run ipa-replica-install with --skip-conncheck) You can verify both with simple ldapsearch: # ldapsearch -h fqdn.of.your.ipa.master -W -D "cn=Directory Manager" -x -b "" -s base This command will probably fail in your case - possibly because of too strict firewall settings. Martin On 07/23/2013 11:27 PM, Aissa Brahimi wrote: > Martin > > My setting: > > - CentOS 6.x > - FreeIPA version: 3.0.0 > > 2 server, the master was installed and running as show bellow: > > > [abrahimi@ipa01 publish]$ sudo /etc/init.d/ipa status > Directory Service: RUNNING > KDC Service: RUNNING > KPASSWD Service: RUNNING > DNS Service: RUNNING > MEMCACHE Service: RUNNING > HTTP Service: RUNNING > CA Service: RUNNING > > Let me know > > Regards, > > AB > > > On Tue, Jul 23, 2013 at 12:13 AM, Martin Kosek <mko...@redhat.com> wrote: > >> On 07/23/2013 01:31 AM, Aissa Brahimi wrote: >>> [abrahimi@ipa02 ipa]$ sudo ipa-replica-install --setup-dns >>> --forwarder=220.127.116.11 --no-reverse replica-info-ipa02.company.com gpg >>> --skip-conncheck >>> [sudo] password for abrahimi: >>> Directory Manager (existing master) password: >>> >>> >>> Your system may be partly configured. >>> Run /usr/sbin/ipa-server-install --uninstall to clean up. >>> >>> Unexpected error - see /var/log/ipareplica-install.log for details: >>> UnboundLocalError: local variable 'replman' referenced before assignment >>> >> >> Hello Aissa, >> >> What version of FreeIPA are you running? On which OS? >> >> I checked current FreeIPA code in git and it should not be capable of >> raising >> this error message so there must have been some changes... >> >> Martin >> > > > _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users