Rich Megginson wrote:
On 09/16/2013 03:21 AM, Charlie Derwent wrote:
Hi
Update on the errors
kinit charlesd
kinit: Generic error (see e-text) while getting initial credentials
krb5kdc.log - LOOKING_UP_CLIENT: charl...@example.com
<mailto:charl...@example.com> for krbtg/example....@example.com
<mailto:example....@example.com>, Server Error
Starting the IPA service (dirsrv in particular) gives
Failed to read data from Directory Service: Failed to get list of
services to probe status!
Configured hostname 'ipa3.example.com <http://ipa3.example.com>'
doesn't match any master server in LDAP:
No master found because of error: {'matched': dc=example,dc=com',
'desc': 'No such object'}
Shutting down
The errors log has a load of different services schema-compat-plugin.
dna-plugin, ipalockout_preop/postop all complaining in one way or
another about being unable to retrieve entries or no entries being set up.


I think you'll have to use the workaround where you change replication
to use simple bind in order to initialize the consumer, then switch back
to sasl/gssapi.

Simo/Rob - which ticket was this?  Does freeipa.org have the workaround?

http://freeipa.org/page/TroubleshootingGuide#Replica_Re-Initialization

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to