While upgrading from 4.0.1. to 4.1 on fedora 20 got following on one of the
two boxes:

Upgrade failed with attribute "allowWeakCipher" not allowed
IPA upgrade failed.
Unexpected error
DuplicateEntry: This entry already exists

It seems the ipa no longer starts up after this. The replica server seems
to have had same error,but it runs just fine.

>From digging around, it appears that there are a number of GSS errors in
dirsrv and bind fails with something like:

named-pkcs11[2212]: ObjectStore.cpp(74): Failed to open token
named-pkcs11[2212]: sha1.c:92: fatal error:
named-pkcs11[2212]: RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST,
isc_boolean_true, isc_boolean_false, isc_boolean_false, ((void *)0), 0) ==
0) failed

Any help would be appreciated

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to