On 28/10/14 06:14, Michael Lasevich wrote:
Running into same thing, but running ipa-dnsinstall does not complete:

=============================
Configuring DNS (named)
  [1/8]: generating rndc key file
WARNING: Your system is running out of entropy, you may experience long delays
  [2/8]: setting up our own record
  [3/8]: adding NS record to the zones
  [4/8]: setting up CA record
  [5/8]: setting up kerberos principal
  [6/8]: setting up named.conf
  [7/8]: configuring named to start on boot
  [8/8]: changing resolv.conf to point to ourselves
Done configuring DNS (named).
Configuring DNS key synchronization service (ipa-dnskeysyncd)
  [1/6]: checking status
  [2/6]: setting up kerberos principal
  [3/6]: setting up SoftHSM
  [4/6]: adding DNSSEC containers
  [5/6]: creating replica keys
  [error] DuplicateEntry: This entry already exists
Unexpected error - see /var/log/ipaserver-install.log for details:
DuplicateEntry: This entry already exists
=============================

Looking into the /var/log/ipaserver-install.log gets:
=============================
2014-10-28T05:01:24Z DEBUG Storing replica public key to LDAP, ipk11UniqueId=autogenerate,cn=keys,cn=sec,cn=dns,dc=my,dc=domain,dc=com 2014-10-28T05:01:24Z DEBUG flushing ldap://infra-dc-01.my.domain.com:389 from SchemaCache 2014-10-28T05:01:24Z DEBUG retrieving schema for SchemaCache url=ldap://infra-dc-01.my.domain.com:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x47d0d88>
2014-10-28T05:01:24Z DEBUG Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 382, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 372, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dnskeysyncinstance.py", line 340, in __setup_replica_keys ldap.add_entry(entry) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1592, in add_entry self.conn.add_s(entry.dn, attrs.items()) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1169, in error_handler raise errors.DuplicateEntry()
DuplicateEntry: This entry already exists

2014-10-28T05:01:24Z DEBUG [error] DuplicateEntry: This entry already exists 2014-10-28T05:01:24Z DEBUG File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 646, in run_script
    return_value = main_function()
File "/sbin/ipa-dns-install", line 218, in main dnskeysyncd.create_instance(api.env.host, api.env.realm) File "/usr/lib/python2.7/site-packages/ipaserver/install/dnskeysyncinstance.py", line 128, in create_instance self.start_creation() File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 382, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 372, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dnskeysyncinstance.py", line 340, in __setup_replica_keys ldap.add_entry(entry) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1592, in add_entry self.conn.add_s(entry.dn, attrs.items()) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1169, in error_handler raise errors.DuplicateEntry() 2014-10-28T05:01:24Z DEBUG The ipa-dns-install command failed, exception: DuplicateEntry: This entry already exists
Hello Michael,

can you send me which entries do you have in cn=keys,cn=sec,cn=dns,dc=my,dc=domain,dc=com, it looks like directory server doesn't generate uniqueID for keys.

Do you have upgraded IPA or fresh installed?

Martin^2

--
Martin Basti

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to