On 02/08/2015 08:35 AM, alireza baghery wrote:
iptables and firewalls stop
and on both server execute nslookup ipasrv and nslookup replica
output successfully
Please reply on the list.
Next thing I would check if the SSH command actually makes it from
replica to master by monitoring SSH logs.
If it does not (which I think the case) then it is still a DNS problem.
Can you please check that both servers actually resolve each other's
name to the same IP address?
On Sun, Feb 8, 2015 at 3:58 PM, Dmitri Pal <[email protected]
<mailto:[email protected]>> wrote:
On 02/08/2015 03:10 AM, alireza baghery wrote:
hi
i install ipa on centos 6.5
and want install replica
for purpose i do the following task:
ipa-install-prepare --ip-address (replica) replica....
(replica) namserver ipa
(replica) ipa-replica-install
but in Connetcon Check get ERROR
=======message stdout replica=======
Connection from replica to master is OK.
Start listening on required ports for remote master check
Get credentials to log in to remote master
admin@********* password:
Execute check on remote master
Remote master check failed with following error message(s):
Connection check failed!
Please fix your network settings according to error messages above.
If the check results are not valid it can be skipped with
--skip-conncheck parameter.
=========message log in /var/log/ipa-replication-connection-check
=====================
2015-02-08T07:41:30Z DEBUG args=/usr/bin/kinit admin@IPA*****
2015-02-08T07:41:30Z DEBUG stdout=Password for admin@IPA*****:
2015-02-08T07:41:30Z DEBUG stderr=
2015-02-08T07:41:30Z DEBUG args=/usr/bin/kvno host/ipa********
2015-02-08T07:41:30Z DEBUG stdout=host/ipa*****@IPA******: kvno = 2
2015-02-08T07:41:30Z DEBUG stderr=
2015-02-08T07:41:30Z DEBUG args=/usr/bin/ssh -q -o
StrictHostKeychecking=no -o UserKnownHostsFile=/dev/null
admin@ipa**** /usr/sbin/ipa-replica-conncheck --replica
replica*******
2015-02-08T07:41:30Z DEBUG stdout=
2015-02-08T07:41:30Z DEBUG stderr=
=================================
tnx
Check your firewall and DNS settings.
One problem can be that replica incorrectly resolves master.
Another that FW blocks access from replica to master.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
