sudo ipa-replica-conncheck --replica for all replicas comes back with
... The following UDP ports could not be verified as open: 88, 464 This can happen if they are already bound to an application and ipa-replica-conncheck cannot attach own UDP responder. Connection from master to replica is OK. ipa-replica-manage -v list $REPLICA fails w/ Failed to get data from 'REPLICA': Invalid credentials SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context The common error is: nsds5replicaLastUpdateStatus: -2 - LDAP error: Local error On Thu, Sep 4, 2014 at 11:21 AM, Fredy Sanchez <fredy.sanc...@modmed.com> wrote: > I should add that we already tried everything at > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html > > > On Thu, Sep 4, 2014 at 11:11 AM, Guillermo Fuentes < > guillermo.fuen...@modernizingmedicine.com> wrote: > >> Hello list, >> >> We’re running FreeIPA with a master and 3 replicas. The replication >> stopped working and currently we’re adding resources only to the >> master. This is the environment we have: >> m1: >> OS: CentOS release 6.5 >> FreeIPA: 3.0.0-37 >> CA: pki-ca-9.0.3 >> >> >> # ipa-replica-manage list -v `hostname` >> m2.example.com: replica >> last init status: None >> last init ended: None >> last update status: 49 - LDAP error: Invalid credentials >> last update ended: None >> m3.example.com: replica >> last init status: None >> last init ended: None >> last update status: 0 Replica acquired successfully: Incremental >> update succeeded >> last update ended: 2014-09-04 14:28:44+00:00 >> m4.example.com: replica >> last init status: None >> last init ended: None >> last update status: -2 - LDAP error: Local error >> last update ended: None >> >> m2: >> OS: CentOS release 6.5 >> FreeIPA: 3.0.0-37 >> >> # ipa-replica-manage list -v `hostname` >> m1.example.com: replica >> last init status: None >> last init ended: None >> last update status: -1 Incremental update has failed and requires >> administrator actionLDAP error: Can't contact LDAP server >> last update ended: 2014-09-03 22:53:21+00:00 >> >> m3: >> OS: CentOS release 6.5 >> FreeIPA: 3.0.0-37 >> >> # ipa-replica-manage list -v `hostname` >> m1.example.com: replica >> last init status: None >> last init ended: None >> last update status: 0 Replica acquired successfully: Incremental >> update succeeded >> last update ended: 2014-09-04 14:31:51+00:00 >> >> m4: >> OS: CentOS release 6.5 >> FreeIPA: 3.3.3-28 >> >> # ipa-replica-manage list -v `hostname` >> m1.example.com: replica >> last init status: None >> last init ended: None >> last update status: 49 Unable to acquire replicaLDAP error: Invalid >> credentials >> last update ended: None >> >> >> Note that although m3 reports “Incremental update succeeded”, users >> created on m1 are not replicated to m3, and users created on m3 are >> not replicated back to m1. >> >> We’ve tried different things including re-initializing m2. >> >> Can somebody point me in the right direction to get replication going >> again? >> >> Thanks in advance! >> >> Guillermo >> >> -- >> Manage your subscription for the Freeipa-users mailing list: >> https://www.redhat.com/mailman/listinfo/freeipa-users >> Go To http://freeipa.org for more info on the project > > > > > -- > Cheers, > > Fredy Sanchez > IT Manager @ Modernizing Medicine > 561-880-2998 x237 > fredy.sanc...@modmed.com > > Need IT support? Visit https://mmit.zendesk.com > > - > > > - > > -- Cheers, Fredy Sanchez IT Manager @ Modernizing Medicine 561-880-2998 x237 fredy.sanc...@modmed.com Need IT support? Visit https://mmit.zendesk.com - -
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project