On 10/24/2014 05:17 AM, Michael Lasevich wrote:
While upgrading from 4.0.1. to 4.1 on fedora 20 got following on one of the two
Upgrade failed with attribute "allowWeakCipher" not allowed
IPA upgrade failed.
DuplicateEntry: This entry already exists
It seems the ipa no longer starts up after this. The replica server seems to
have had same error,but it runs just fine.
From digging around, it appears that there are a number of GSS errors in
dirsrv and bind fails with something like:
named-pkcs11: ObjectStore.cpp(74): Failed to open token
named-pkcs11: sha1.c:92: fatal error:
named-pkcs11: RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST,
isc_boolean_true, isc_boolean_false, isc_boolean_false, ((void *)0), 0) == 0)
Any help would be appreciated
What Directory Server version do you use? This is an attribute introduced in
389-ds-base 1.3.3+ which should be included in the FreeIPA Copr (DS 1.3.3 is
native to F21+). CCing Ludwig to advise further.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project