Hi Jochen,

Thanks for your quick reply! As I just left the office I don't have the log 
ATM. The installation however failed after setting up de Tomcat PKI service, 
where the ipa-replica-install script was waiting for the service to come up. 
While manually trying to reach the service using Curl, I also never got a 
response. After running the Tomcat PKI service manually, I got an error stating 
that the user "cn=<replica>,cn=config" doesn't exist in the directory. When 
manually querying the directory I noticed the same, it did however exist with 
an additional CN. I will retry the replication excersise next monday and 
hopefully your tip will help me. Then I can also provide the logs. I will keep 
you updated!

Thanks,

Bennie

-------- Original Message --------
Subject: Re: [Freeipa-users] FreeIPA update guidance
Local Time: April 21, 2017 5:29 PM
UTC Time: April 21, 2017 3:29 PM
From: joc...@jochen.org
To: B.harries <b.harr...@protonmail.com>
freeipa-users\@redhat.com <freeipa-users@redhat.com>

"B.harries" <b.harr...@protonmail.com> writes:

> Second attempt
> We then tried to install a fresh CentOS server, having FreeIPA version
> 4.4 and attaching it as a second master to our IPA instance. This
> however didn't work out as well,

I did that to move my installation from Fedora to CentOS - it worked
quite well. First adding a replica failed, because python-jwcrypto on
CentOS is quite old. I've installed the package from Fedora
(python-jwcrypto-0.3.2-1.fc23.noarch.rpm) and all went well. After I
decomissioned the Fedora system I've downgraded the package again.

That's what I found:
https://www.redhat.com/archives/freeipa-users/2016-December/msg00024.html
(Re: [Freeipa-users] Add 4.4 replica to 4.3 server fails)

Can you provide logs/messages what didn't work?

Jochen

--
This space is intentionally left blank.
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to