HI anyone please help me to fix this.
Regards, Ben On Wed, Jan 4, 2017 at 3:12 PM, Ben .T.George <bentech4...@gmail.com> wrote: > HI > > port 8009 is not listening in master server > > and i added ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 in hosts file. > > still getting same error > > [28/44]: restarting directory server > ipa : CRITICAL Failed to restart the directory server (Command > '/bin/systemctl restart dirsrv@KW-EXAMPLE-COM.service' returned non-zero > exit status 1). See the installation log for details. > [29/44]: setting up initial replication > [error] error: [Errno 111] Connection refused > Your system may be partly configured. > Run /usr/sbin/ipa-server-install --uninstall to clean up. > > ipa.ipapython.install.cli.install_tool(Replica): ERROR [Errno 111] > Connection refused > ipa.ipapython.install.cli.install_tool(Replica): ERROR The > ipa-replica-install command failed. See /var/log/ipareplica-install.log > for more information > > > Also ipv6 is disabled on both nodes > > Regards, > Ben > > On Wed, Jan 4, 2017 at 2:05 PM, Petr Vobornik <pvobo...@redhat.com> wrote: > >> On 01/04/2017 10:59 AM, Ben .T.George wrote: >> > HI >> > >> > i tried the method mentioned on that document and it end up with below >> error. My >> > DNS is managed by external box and i dont want to create any DNS record >> on these >> > servers. >> > >> > and the command which i tried is(non client server) >> > >> > ipa-replica-install --principal admin --admin-password P@ssw0rd >> --domain >> > kw.example.com <http://kw.example.com> --server >> zkwipamstr01.kw.example.com >> > <http://zkwipamstr01.kw.example.com> >> > >> > >> > >> > ipa : CRITICAL Failed to restart the directory server (Command >> > '/bin/systemctl restart dirsrv@KW-EXAMPLE-COM.service' returned >> non-zero exit >> > status 1). See the installation log for details. >> > [29/44]: setting up initial replication >> > [error] error: [Errno 111] Connection refused >> > Your system may be partly configured. >> > Run /usr/sbin/ipa-server-install --uninstall to clean up. >> > >> > ipa.ipapython.install.cli.install_tool(Replica): ERROR [Errno 111] >> Connection >> > refused >> > ipa.ipapython.install.cli.install_tool(Replica): ERROR The >> > ipa-replica-install command failed. See /var/log/ipareplica-install.log >> for more >> > information >> >> This looks like bug https://fedorahosted.org/freeipa/ticket/6575 >> >> To verify that, could you check if master server internally listens on >> port 8009 or if ipareplica-install.log contains CA_UNREACHABLE string >> near step 27. >> >> Usual fix is to add following line to /etc/hosts >> ::1 localhost localhost.localdomain localhost6 >> localhost6.localdomain6 >> >> >> > [root@zkwiparepa01 ~]# /bin/systemctl restart >> dirsrv@KW-EXAMPLE-COM.service >> > Job for dirsrv@KW-EXAMPLE-COM.service failed because the control >> process exited >> > with error code. See "systemctl status dirsrv@KW-EXAMPLE-COM.service" >> and >> > "journalctl -xe" for details. >> > >> > [root@zkwiparepa01 ~]# systemctl status dirsrv@KW-EXAMPLE-COM.service >> > ● dirsrv@KW-EXAMPLE-COM.service - 389 Directory Server KW-EXAMPLE-COM. >> > Loaded: loaded (/usr/lib/systemd/system/dirsrv@.service; enabled; >> vendor >> > preset: disabled) >> > Active: failed (Result: exit-code) since Wed 2017-01-04 12:54:46 >> AST; 13s ago >> > Process: 14893 ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i >> -i >> > /var/run/dirsrv/slapd-%i.pid (code=exited, status=1/FAILURE) >> > Process: 14887 ExecStartPre=/usr/sbin/ds_systemd_ask_password_acl >> > /etc/dirsrv/slapd-%i/dse.ldif (code=exited, status=0/SUCCESS) >> > Main PID: 14893 (code=exited, status=1/FAILURE) >> > >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > ns-slapd[14893]: [04/Jan/2017:12:54:46.177617891 +0300] Error: >> > betxnpostoperation plu...arted >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > ns-slapd[14893]: [04/Jan/2017:12:54:46.178379752 +0300] Error: object >> plugin >> > Roles Pl...arted >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > ns-slapd[14893]: [04/Jan/2017:12:54:46.179162340 +0300] Error: >> preoperation >> > plugin su...arted >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > ns-slapd[14893]: [04/Jan/2017:12:54:46.179993432 +0300] Error: object >> plugin USN >> > is n...arted >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > ns-slapd[14893]: [04/Jan/2017:12:54:46.181305209 +0300] Error: object >> plugin >> > Views is...arted >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > ns-slapd[14893]: [04/Jan/2017:12:54:46.182094981 +0300] Error: >> extendedop plugin >> > whoa...arted >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > systemd[1]: dirsrv@KW-EXAMPLE-COM.service: main process exited, >> code=exited, >> > status=1/FAILURE >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > systemd[1]: Failed to start 389 Directory Server KW-EXAMPLE-COM.. >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > systemd[1]: Unit dirsrv@KW-EXAMPLE-COM.service entered failed state. >> > Jan 04 12:54:46 zkwiparepa01.kw.example.com < >> http://zkwiparepa01.kw.example.com> >> > systemd[1]: dirsrv@KW-EXAMPLE-COM.service failed. >> > Hint: Some lines were ellipsized, use -l to show in full. >> > >> > >> > >> > Regards, >> > Ben >> > >> > >> > On Wed, Jan 4, 2017 at 11:19 AM, Martin Babinsky <mbabi...@redhat.com >> > <mailto:mbabi...@redhat.com>> wrote: >> > >> > On 01/04/2017 07:21 AM, Ben .T.George wrote: >> > >> > HI >> > >> > while trying to create ipa replica, i am getting below error, >> > >> > Replica creation using 'ipa-replica-prepare' to generate >> replica file >> > is supported only in 0-level IPA domain. >> > >> > The current IPA domain level is 1 and thus the replica must >> > be created by promoting an existing IPA client. >> > >> > To set up a replica use the following procedure: >> > 1.) set up a client on the host using 'ipa-client-install' >> > 2.) promote the client to replica running >> 'ipa-replica-install' >> > *without* replica file specified >> > >> > 'ipa-replica-prepare' is allowed only in domain level 0 >> > The ipa-replica-prepare command failed. >> > >> > >> > i have IPA master server without AD integration and DNS is >> managed by >> > 3rd party appliances. >> > >> > >> > >> > Regards, >> > Ben >> > >> > >> > >> > Hi Ben, >> > >> > If you installed IPA 4.4 server then domain level 1 is the default. >> This >> > domain level uses different mechanism to stand up replicas. See the >> latest >> > IdM documentation[1] for more details. >> > >> > [1] >> > https://access.redhat.com/documentation/en-US/Red_Hat_Enter >> prise_Linux/7/html/Linux_Domain_Identity_Authentication_and_ >> Policy_Guide/creating-the-replica.html >> > <https://access.redhat.com/documentation/en-US/Red_Hat_Ente >> rprise_Linux/7/html/Linux_Domain_Identity_Authentication_ >> and_Policy_Guide/creating-the-replica.html> >> > >> > -- >> > Martin^3 Babinsky >> > >> > -- >> > Manage your subscription for the Freeipa-users mailing list: >> > https://www.redhat.com/mailman/listinfo/freeipa-users >> > <https://www.redhat.com/mailman/listinfo/freeipa-users> >> > Go to http://freeipa.org for more info on the project >> > >> > >> > >> > >> >> >> -- >> Petr Vobornik >> > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
