[Freeipa-users] FreeIPA Replica Install issue on CentOS 7.3 and ipa 4.4.0

Eric Renfro via FreeIPA-users Tue, 13 Jun 2017 04:26:51 -0700

I've been trying to rebuild my FreeIPA server that I run on CentOS 7.3.
Previously, I was running FreeIPA 4.2.x and upgraded over time to 4.4.0
now, but somewhere along the lines, it totally broke and failed. For me
it's not a big deal because it serves very little in a home cluster
lab, but I wanted to take this time to update my chef cookbooks to
accomodate the new way to auto-configure FreeIPA.


The Server installation portion was pretty much the same as before.
It's the replica that's mostly changed.

Using the install method with ipa-replica-install, I'm using these
arguments:

ipa-replica-install --unattended \
    --no-ntp --mkhomedir --skip-conncheck \
    --ip-address 172.17.0.102 \
    --principal admin \
    --admin-password "redacted" \
    --server ipa1.home.ld \
    --domain home.ld \
    --realm HOME.LD

And it's failing with the following results:

Configuring directory server (dirsrv). Estimated time: 1 minute
  [1/44]: creating directory server user
  [2/44]: creating directory server instance
  [3/44]: updating configuration in dse.ldif
  [4/44]: restarting directory server
  [5/44]: adding default schema
  [6/44]: enabling memberof plugin
  [7/44]: enabling winsync plugin
  [8/44]: configuring replication version plugin
  [9/44]: enabling IPA enrollment plugin
  [10/44]: enabling ldapi
  [11/44]: configuring uniqueness plugin
  [12/44]: configuring uuid plugin
  [13/44]: configuring modrdn plugin
  [14/44]: configuring DNS plugin
  [15/44]: enabling entryUSN plugin
  [16/44]: configuring lockout plugin
  [17/44]: configuring topology plugin
  [18/44]: creating indices
  [19/44]: enabling referential integrity plugin
  [20/44]: configuring certmap.conf
  [21/44]: configure autobind for root
  [22/44]: configure new location for managed entries
  [23/44]: configure dirsrv ccache
  [24/44]: enabling SASL mapping fallback
  [25/44]: restarting directory server
  [26/44]: creating DS keytab
  [27/44]: retrieving DS Certificate
  [28/44]: restarting directory server
  [29/44]: setting up initial replication
Starting replication, please wait until this has completed.
Update in progress, 15 seconds elapsed
[ipa1.home.ld] reports: Update failed! Status: [49  - LDAP error:
Invalid credentials]

  [error] RuntimeError: Failed to start replication
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
STDERR: Client hostname: ipa2.home.ld
Realm: HOME.LD
DNS Domain: home.ld
IPA Server: ipa1.home.ld
BaseDN: dc=home,dc=ld
Skipping synchronizing time with NTP server.
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=HOME.LD
    Issuer:      CN=Certificate Authority,O=HOME.LD
    Valid From:  Sun Jun 11 14:31:12 2017 UTC
    Valid Until: Thu Jun 11 14:31:12 2037 UTC

Enrolled in IPA realm HOME.LD
Created /etc/ipa/default.conf
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm HOME.LD
trying https://ipa1.home.ld/ipa/json
Forwarding 'schema' to json server 'https://ipa1.home.ld/ipa/json'
trying https://ipa1.home.ld/ipa/session/json
Forwarding 'ping' to json server 'https://ipa1.home.ld/ipa/session/json
'
Forwarding 'ca_is_enabled' to json server 'https://ipa1.home.ld/ipa/ses
sion/json'
Systemwide CA database updated.
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
Forwarding 'host_mod' to json server 'https://ipa1.home.ld/ipa/session/
json'
Could not update DNS SSHFP records.
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Configuring home.ld as NIS domain.
Client configuration complete.
ipa.ipapython.install.cli.install_tool(Replica): ERROR    Failed to
start replication
ipa.ipapython.install.cli.install_tool(Replica): ERROR    The ipa-
replica-install command failed. See /var/log/ipareplica-install.log for
more information

Attached is the full logs from ipareplica-install.log

Any help on this would be greatly appreciated. I had tried all weekend
long trying to get this to work all to the same basic failure.

Eric

2017-06-12T20:29:06Z DEBUG Logging to /var/log/ipareplica-install.log
2017-06-12T20:29:06Z DEBUG ipa-replica-install was invoked with arguments [] and options: {'no_dns_sshfp': None, 'skip_schema_check': None, 'setup_kra': None, 'ip_addresses': [CheckedIPAddress('172.17.0.102')], 'mkhomedir': True, 'http_cert_files': None, 'ssh_trust_dns': None, 'reverse_zones': None, 'no_forwarders': None, 'keytab': None, 'no_ntp': True, 'domain_name': 'home.ld', 'http_cert_name': None, 'dirsrv_cert_files': None, 'no_dnssec_validation': None, 'no_reverse': None, 'unattended': True, 'auto_reverse': None, 'auto_forwarders': None, 'no_host_dns': None, 'no_sshd': None, 'no_ui_redirect': None, 'dirsrv_config_file': None, 'forwarders': None, 'verbose': False, 'setup_ca': None, 'realm_name': 'HOME.LD', 'skip_conncheck': True, 'no_ssh': None, 'forward_policy': None, 'dirsrv_cert_name': None, 'quiet': False, 'server': 'ipa1.home.ld', 'setup_dns': None, 'host_name': None, 'log_file': None, 'allow_zone_overlap': None}
2017-06-12T20:29:06Z DEBUG IPA version 4.4.0-14.el7.centos.7
2017-06-12T20:29:06Z DEBUG Starting external process
2017-06-12T20:29:06Z DEBUG args=/usr/sbin/selinuxenabled
2017-06-12T20:29:06Z DEBUG Process finished, return code=0
2017-06-12T20:29:06Z DEBUG stdout=
2017-06-12T20:29:06Z DEBUG stderr=
2017-06-12T20:29:06Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2017-06-12T20:29:06Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:06Z DEBUG httpd is not configured
2017-06-12T20:29:06Z DEBUG kadmin is not configured
2017-06-12T20:29:06Z DEBUG dirsrv is not configured
2017-06-12T20:29:06Z DEBUG pki-tomcatd is not configured
2017-06-12T20:29:06Z DEBUG install is not configured
2017-06-12T20:29:06Z DEBUG krb5kdc is not configured
2017-06-12T20:29:06Z DEBUG ntpd is not configured
2017-06-12T20:29:06Z DEBUG named is not configured
2017-06-12T20:29:06Z DEBUG ipa_memcached is not configured
2017-06-12T20:29:06Z DEBUG filestore is tracking no files
2017-06-12T20:29:06Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
2017-06-12T20:29:06Z DEBUG Configuring client side components
2017-06-12T20:29:06Z DEBUG Starting external process
2017-06-12T20:29:06Z DEBUG args=/usr/sbin/ipa-client-install --unattended --no-ntp --domain home.ld --server ipa1.home.ld --realm HOME.LD --principal admin --mkhomedir
2017-06-12T20:29:24Z DEBUG Process finished, return code=0
2017-06-12T20:29:24Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2017-06-12T20:29:24Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:24Z DEBUG Starting external process
2017-06-12T20:29:24Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS
2017-06-12T20:29:24Z DEBUG Process finished, return code=0
2017-06-12T20:29:24Z DEBUG stdout=VirtualHost configuration:
*:8443                 ipa2.home.ld (/etc/httpd/conf.d/nss.conf:83)

2017-06-12T20:29:24Z DEBUG stderr=
2017-06-12T20:29:24Z DEBUG importing all plugin modules in ipaserver.plugins...
2017-06-12T20:29:24Z DEBUG importing plugin module ipaserver.plugins.aci
2017-06-12T20:29:24Z DEBUG importing plugin module ipaserver.plugins.automember
2017-06-12T20:29:24Z DEBUG importing plugin module ipaserver.plugins.automount
2017-06-12T20:29:24Z DEBUG importing plugin module ipaserver.plugins.baseldap
2017-06-12T20:29:24Z DEBUG ipaserver.plugins.baseldap is not a valid plugin module
2017-06-12T20:29:24Z DEBUG importing plugin module ipaserver.plugins.baseuser
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.batch
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.ca
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.caacl
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.cert
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.certprofile
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.config
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.delegation
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.dns
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.dnsserver
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.dogtag
2017-06-12T20:29:25Z DEBUG skipping plugin module ipaserver.plugins.dogtag: dogtag not selected as RA plugin
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.domainlevel
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.group
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.hbac
2017-06-12T20:29:25Z DEBUG ipaserver.plugins.hbac is not a valid plugin module
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.hbacrule
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.hbacsvc
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.hbacsvcgroup
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.hbactest
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.host
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.hostgroup
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.idrange
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.idviews
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.internal
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.join
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.krbtpolicy
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.ldap2
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.location
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.migration
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.misc
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.netgroup
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.otp
2017-06-12T20:29:25Z DEBUG ipaserver.plugins.otp is not a valid plugin module
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.otpconfig
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.otptoken
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.passwd
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.permission
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.ping
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.pkinit
2017-06-12T20:29:25Z DEBUG ipaserver.plugins.pkinit is not a valid plugin module
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.privilege
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.pwpolicy
2017-06-12T20:29:25Z DEBUG Starting external process
2017-06-12T20:29:25Z DEBUG args=klist -V
2017-06-12T20:29:25Z DEBUG Process finished, return code=0
2017-06-12T20:29:25Z DEBUG stdout=Kerberos 5 version 1.14.1

2017-06-12T20:29:25Z DEBUG stderr=
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.rabase
2017-06-12T20:29:25Z DEBUG ipaserver.plugins.rabase is not a valid plugin module
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.radiusproxy
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.realmdomains
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.role
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.schema
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.selfservice
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.selinuxusermap
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.server
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.serverrole
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.serverroles
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.service
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.servicedelegation
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.session
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.stageuser
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.sudo
2017-06-12T20:29:25Z DEBUG ipaserver.plugins.sudo is not a valid plugin module
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.sudocmd
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.sudocmdgroup
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.sudorule
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.topology
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.trust
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.user
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.vault
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.virtual
2017-06-12T20:29:25Z DEBUG ipaserver.plugins.virtual is not a valid plugin module
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.plugins.xmlserver
2017-06-12T20:29:25Z DEBUG importing all plugin modules in ipaserver.install.plugins...
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.adtrust
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.ca_renewal_master
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.dns
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.fix_replica_agreements
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.rename_managed
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_ca_topology
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_idranges
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_managed_permissions
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_nis
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_pacs
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_passsync
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_referint
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_services
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.update_uniqueness
2017-06-12T20:29:25Z DEBUG importing plugin module ipaserver.install.plugins.upload_cacrt
2017-06-12T20:29:27Z DEBUG Check if ipa2.home.ld is a primary hostname for localhost
2017-06-12T20:29:27Z DEBUG Primary hostname for localhost: ipa2.home.ld
2017-06-12T20:29:27Z DEBUG Search DNS for ipa2.home.ld
2017-06-12T20:29:27Z DEBUG Check if ipa2.home.ld is not a CNAME
2017-06-12T20:29:27Z DEBUG Check reverse address of 172.17.0.102
2017-06-12T20:29:27Z DEBUG Found reverse name: ipa2.home.ld
2017-06-12T20:29:27Z DEBUG Check if ipa1.home.ld is a primary hostname for localhost
2017-06-12T20:29:28Z DEBUG Primary hostname for localhost: ipa1.home.ld
2017-06-12T20:29:28Z DEBUG Search DNS for ipa1.home.ld
2017-06-12T20:29:28Z DEBUG Check if ipa1.home.ld is not a CNAME
2017-06-12T20:29:28Z DEBUG Check reverse address of 172.17.0.101
2017-06-12T20:29:28Z DEBUG Found reverse name: ipa1.home.ld
2017-06-12T20:29:28Z DEBUG Initializing principal host/ipa2.home...@home.ld using keytab /etc/krb5.keytab
2017-06-12T20:29:28Z DEBUG using ccache /tmp/krbcc_C2trI/ccache
2017-06-12T20:29:28Z DEBUG Attempt 1/1: success
2017-06-12T20:29:28Z DEBUG importing all plugin modules in ipaserver.plugins...
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.aci
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.automember
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.automount
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.baseldap
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.baseldap is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.baseuser
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.batch
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.ca
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.caacl
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.cert
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.certprofile
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.config
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.delegation
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.dns
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.dnsserver
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.dogtag
2017-06-12T20:29:28Z DEBUG skipping plugin module ipaserver.plugins.dogtag: dogtag not selected as RA plugin
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.domainlevel
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.group
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.hbac
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.hbac is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.hbacrule
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.hbacsvc
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.hbacsvcgroup
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.hbactest
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.host
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.hostgroup
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.idrange
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.idviews
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.internal
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.join
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.krbtpolicy
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.ldap2
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.location
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.migration
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.misc
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.netgroup
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.otp
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.otp is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.otpconfig
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.otptoken
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.passwd
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.permission
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.ping
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.pkinit
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.pkinit is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.privilege
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.pwpolicy
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.rabase
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.rabase is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.radiusproxy
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.realmdomains
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.role
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.schema
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.selfservice
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.selinuxusermap
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.server
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.serverrole
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.serverroles
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.service
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.servicedelegation
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.session
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.stageuser
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.sudo
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.sudo is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.sudocmd
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.sudocmdgroup
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.sudorule
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.topology
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.trust
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.user
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.vault
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.virtual
2017-06-12T20:29:28Z DEBUG ipaserver.plugins.virtual is not a valid plugin module
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.plugins.xmlserver
2017-06-12T20:29:28Z DEBUG importing all plugin modules in ipaserver.install.plugins...
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.adtrust
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.ca_renewal_master
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.dns
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.fix_replica_agreements
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.rename_managed
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_ca_topology
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_idranges
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_managed_permissions
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_nis
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_pacs
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_passsync
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_referint
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_services
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.update_uniqueness
2017-06-12T20:29:28Z DEBUG importing plugin module ipaserver.install.plugins.upload_cacrt
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl search @s user ipa_session_cookie:host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=938543773

2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl pipe 938543773
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=ipa_session=8dcf25f45f07c1a0a8c02d31886dff46; Domain=ipa1.home.ld; Path=/ipa; Expires=Mon, 12 Jun 2017 20:49:22 GMT; Secure; HttpOnly
2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG found session_cookie in persistent storage for principal 'host/ipa2.home...@home.ld', cookie: 'ipa_session=8dcf25f45f07c1a0a8c02d31886dff46; Domain=ipa1.home.ld; Path=/ipa; Expires=Mon, 12 Jun 2017 20:49:22 GMT; Secure; HttpOnly'
2017-06-12T20:29:30Z DEBUG setting session_cookie into context 'ipa_session=8dcf25f45f07c1a0a8c02d31886dff46;'
2017-06-12T20:29:30Z INFO trying https://ipa1.home.ld/ipa/session/json
2017-06-12T20:29:30Z DEBUG NSSConnection init ipa1.home.ld
2017-06-12T20:29:30Z DEBUG Connecting: 172.17.0.101:0
2017-06-12T20:29:30Z DEBUG approved_usage = SSL Server intended_usage = SSL Server
2017-06-12T20:29:30Z DEBUG cert valid True for "CN=ipa1.home.ld,O=HOME.LD"
2017-06-12T20:29:30Z DEBUG handshake complete, peer = 172.17.0.101:443
2017-06-12T20:29:30Z DEBUG Protocol: TLS1.2
2017-06-12T20:29:30Z DEBUG Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2017-06-12T20:29:30Z DEBUG received Set-Cookie 'ipa_session=8dcf25f45f07c1a0a8c02d31886dff46; Domain=ipa1.home.ld; Path=/ipa; Expires=Mon, 12 Jun 2017 20:49:32 GMT; Secure; HttpOnly'
2017-06-12T20:29:30Z DEBUG storing cookie 'ipa_session=8dcf25f45f07c1a0a8c02d31886dff46; Domain=ipa1.home.ld; Path=/ipa; Expires=Mon, 12 Jun 2017 20:49:32 GMT; Secure; HttpOnly' for principal host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl search @s user ipa_session_cookie:host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=938543773

2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl search @s user ipa_session_cookie:host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=938543773

2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl pupdate 938543773
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=
2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Created connection context.jsonclient_141233104
2017-06-12T20:29:30Z INFO Forwarding 'env' to json server 'https://ipa1.home.ld/ipa/session/json'
2017-06-12T20:29:30Z DEBUG NSSConnection init ipa1.home.ld
2017-06-12T20:29:30Z DEBUG Connecting: 172.17.0.101:0
2017-06-12T20:29:30Z DEBUG approved_usage = SSL Server intended_usage = SSL Server
2017-06-12T20:29:30Z DEBUG cert valid True for "CN=ipa1.home.ld,O=HOME.LD"
2017-06-12T20:29:30Z DEBUG handshake complete, peer = 172.17.0.101:443
2017-06-12T20:29:30Z DEBUG Protocol: TLS1.2
2017-06-12T20:29:30Z DEBUG Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2017-06-12T20:29:30Z DEBUG received Set-Cookie 'ipa_session=8dcf25f45f07c1a0a8c02d31886dff46; Domain=ipa1.home.ld; Path=/ipa; Expires=Mon, 12 Jun 2017 20:49:32 GMT; Secure; HttpOnly'
2017-06-12T20:29:30Z DEBUG storing cookie 'ipa_session=8dcf25f45f07c1a0a8c02d31886dff46; Domain=ipa1.home.ld; Path=/ipa; Expires=Mon, 12 Jun 2017 20:49:32 GMT; Secure; HttpOnly' for principal host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl search @s user ipa_session_cookie:host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=938543773

2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl search @s user ipa_session_cookie:host/ipa2.home...@home.ld
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=938543773

2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Starting external process
2017-06-12T20:29:30Z DEBUG args=keyctl pupdate 938543773
2017-06-12T20:29:30Z DEBUG Process finished, return code=0
2017-06-12T20:29:30Z DEBUG stdout=
2017-06-12T20:29:30Z DEBUG stderr=
2017-06-12T20:29:30Z DEBUG Destroyed connection context.jsonclient_141233104
2017-06-12T20:29:31Z DEBUG Created connection context.ldap2_110636944
2017-06-12T20:29:31Z DEBUG raw: domainlevel_get(version=u'2.213')
2017-06-12T20:29:31Z DEBUG domainlevel_get(version=u'2.213')
2017-06-12T20:29:31Z DEBUG flushing ldaps://ipa1.home.ld from SchemaCache
2017-06-12T20:29:31Z DEBUG retrieving schema for SchemaCache url=ldaps://ipa1.home.ld conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x86b45f0>
2017-06-12T20:29:31Z DEBUG raw: hostgroup_find(None, cn=u'ipaservers', version=u'2.213', host=[u'ipa2.home.ld'])
2017-06-12T20:29:31Z DEBUG hostgroup_find(None, cn=u'ipaservers', all=False, raw=False, version=u'2.213', no_members=True, pkey_only=False, host=(u'ipa2.home.ld',))
2017-06-12T20:29:31Z DEBUG KRB5CCNAME set to None
2017-06-12T20:29:31Z DEBUG Failed to find default ccache: Major (851968): Unspecified GSS failure.  Minor code may provide more information, Minor (2529639053): No Kerberos credentials available (default cache: KEYRING:persistent:0)
2017-06-12T20:29:31Z DEBUG Initializing principal ad...@home.ld using password
2017-06-12T20:29:31Z DEBUG Starting external process
2017-06-12T20:29:31Z DEBUG args=/usr/bin/kinit ad...@home.ld -c /tmp/tmpuxrjbz
2017-06-12T20:29:31Z DEBUG Process finished, return code=0
2017-06-12T20:29:31Z DEBUG stdout=Password for ad...@home.ld: 

2017-06-12T20:29:31Z DEBUG stderr=
2017-06-12T20:29:31Z DEBUG Destroyed connection context.ldap2_110636944
2017-06-12T20:29:31Z DEBUG Created connection context.ldap2_110636944
2017-06-12T20:29:31Z DEBUG raw: hostgroup_show(u'ipaservers', rights=True, all=True, version=u'2.213')
2017-06-12T20:29:31Z DEBUG hostgroup_show(u'ipaservers', rights=True, all=True, raw=False, version=u'2.213', no_members=False)
2017-06-12T20:29:31Z DEBUG flushing ldaps://ipa1.home.ld from SchemaCache
2017-06-12T20:29:31Z DEBUG retrieving schema for SchemaCache url=ldaps://ipa1.home.ld conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x86b4c20>
2017-06-12T20:29:32Z DEBUG Destroyed connection context.ldap2_110636944
2017-06-12T20:29:32Z DEBUG Created connection context.ldap2_110636944
2017-06-12T20:29:32Z DEBUG flushing ldaps://ipa1.home.ld from SchemaCache
2017-06-12T20:29:32Z DEBUG retrieving schema for SchemaCache url=ldaps://ipa1.home.ld conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x86b4998>
2017-06-12T20:29:32Z DEBUG No IPA DNS servers, skipping forward/reverse resolution check
2017-06-12T20:29:32Z DEBUG Name ipa2.home.ld. resolved to set([UnsafeIPAddress('172.17.0.102')])
2017-06-12T20:29:32Z DEBUG Destroyed connection context.ldap2_110636944
2017-06-12T20:29:32Z DEBUG Created connection context.ldap2_110636944
2017-06-12T20:29:32Z DEBUG raw: hostgroup_add_member(u'ipaservers', version=u'2.213', host=[u'ipa2.home.ld'])
2017-06-12T20:29:32Z DEBUG hostgroup_add_member(u'ipaservers', all=False, raw=False, version=u'2.213', no_members=False, host=(u'ipa2.home.ld',))
2017-06-12T20:29:32Z DEBUG add_entry_to_group: dn=fqdn=ipa2.home.ld,cn=computers,cn=accounts,dc=home,dc=ld group_dn=cn=ipaservers,cn=hostgroups,cn=accounts,dc=home,dc=ld member_attr=member
2017-06-12T20:29:32Z DEBUG flushing ldaps://ipa1.home.ld from SchemaCache
2017-06-12T20:29:32Z DEBUG retrieving schema for SchemaCache url=ldaps://ipa1.home.ld conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x90d7c20>
2017-06-12T20:29:34Z DEBUG Destroyed connection context.ldap2_110636944
2017-06-12T20:29:34Z DEBUG Backing up system configuration file '/etc/ipa/default.conf'
2017-06-12T20:29:34Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:34Z DEBUG Starting external process
2017-06-12T20:29:34Z DEBUG args=/bin/systemctl start messagebus.service
2017-06-12T20:29:34Z DEBUG Process finished, return code=0
2017-06-12T20:29:34Z DEBUG stdout=
2017-06-12T20:29:34Z DEBUG stderr=
2017-06-12T20:29:34Z DEBUG Starting external process
2017-06-12T20:29:34Z DEBUG args=/bin/systemctl is-active messagebus.service
2017-06-12T20:29:34Z DEBUG Process finished, return code=0
2017-06-12T20:29:34Z DEBUG stdout=active

2017-06-12T20:29:34Z DEBUG stderr=
2017-06-12T20:29:34Z DEBUG Starting external process
2017-06-12T20:29:34Z DEBUG args=/bin/systemctl restart certmonger.service
2017-06-12T20:29:34Z DEBUG Process finished, return code=0
2017-06-12T20:29:34Z DEBUG stdout=
2017-06-12T20:29:34Z DEBUG stderr=
2017-06-12T20:29:34Z DEBUG Starting external process
2017-06-12T20:29:34Z DEBUG args=/bin/systemctl is-active certmonger.service
2017-06-12T20:29:34Z DEBUG Process finished, return code=0
2017-06-12T20:29:34Z DEBUG stdout=active

2017-06-12T20:29:34Z DEBUG stderr=
2017-06-12T20:29:34Z DEBUG Starting external process
2017-06-12T20:29:34Z DEBUG args=/bin/systemctl enable certmonger.service
2017-06-12T20:29:34Z DEBUG Process finished, return code=0
2017-06-12T20:29:34Z DEBUG stdout=
2017-06-12T20:29:34Z DEBUG stderr=Created symlink from /etc/systemd/system/multi-user.target.wants/certmonger.service to /usr/lib/systemd/system/certmonger.service.

2017-06-12T20:29:34Z DEBUG group dirsrv exists
2017-06-12T20:29:34Z DEBUG user dirsrv exists
2017-06-12T20:29:34Z DEBUG Created connection context.ldap2_110636944
2017-06-12T20:29:34Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2017-06-12T20:29:34Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:34Z DEBUG Configuring directory server (dirsrv). Estimated time: 1 minute
2017-06-12T20:29:34Z DEBUG   [1/44]: creating directory server user
2017-06-12T20:29:34Z DEBUG group dirsrv exists
2017-06-12T20:29:34Z DEBUG user dirsrv exists
2017-06-12T20:29:34Z DEBUG   duration: 0 seconds
2017-06-12T20:29:34Z DEBUG   [2/44]: creating directory server instance
2017-06-12T20:29:34Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2017-06-12T20:29:34Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
2017-06-12T20:29:34Z DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv'
2017-06-12T20:29:34Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:34Z DEBUG 
dn: dc=home,dc=ld
objectClass: top
objectClass: domain
objectClass: pilotObject
dc: home
info: IPA V2.0

2017-06-12T20:29:34Z DEBUG writing inf template
2017-06-12T20:29:34Z DEBUG 
[General]
FullMachineName=   ipa2.home.ld
SuiteSpotUserID=   dirsrv
SuiteSpotGroup=    dirsrv
ServerRoot=    /usr/lib64/dirsrv
[slapd]
ServerPort=   389
ServerIdentifier=   HOME-LD
Suffix=   dc=home,dc=ld
RootDN=   cn=Directory Manager
InstallLdifFile= /var/lib/dirsrv/boot.ldif
inst_dir=   /var/lib/dirsrv/scripts-HOME-LD

2017-06-12T20:29:34Z DEBUG calling setup-ds.pl
2017-06-12T20:29:34Z DEBUG Starting external process
2017-06-12T20:29:34Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpeOHXFY
2017-06-12T20:29:38Z DEBUG Process finished, return code=0
2017-06-12T20:29:38Z DEBUG stdout=[17/06/12:16:29:38] - [Setup] Info Your new DS instance 'HOME-LD' was successfully created.
Your new DS instance 'HOME-LD' was successfully created.
[17/06/12:16:29:38] - [Setup] Success Exiting . . .
Log file is '-'

Exiting . . .
Log file is '-'


2017-06-12T20:29:38Z DEBUG stderr=
2017-06-12T20:29:38Z DEBUG completed creating ds instance
2017-06-12T20:29:38Z DEBUG   duration: 4 seconds
2017-06-12T20:29:38Z DEBUG   [3/44]: updating configuration in dse.ldif
2017-06-12T20:29:38Z DEBUG Starting external process
2017-06-12T20:29:38Z DEBUG args=/bin/systemctl stop dirsrv@HOME-LD.service
2017-06-12T20:29:39Z DEBUG Process finished, return code=0
2017-06-12T20:29:39Z DEBUG stdout=
2017-06-12T20:29:39Z DEBUG stderr=
2017-06-12T20:29:39Z DEBUG   duration: 1 seconds
2017-06-12T20:29:39Z DEBUG   [4/44]: restarting directory server
2017-06-12T20:29:39Z DEBUG Starting external process
2017-06-12T20:29:39Z DEBUG args=/bin/systemctl --system daemon-reload
2017-06-12T20:29:40Z DEBUG Process finished, return code=0
2017-06-12T20:29:40Z DEBUG stdout=
2017-06-12T20:29:40Z DEBUG stderr=
2017-06-12T20:29:40Z DEBUG Starting external process
2017-06-12T20:29:40Z DEBUG args=/bin/systemctl restart dirsrv@HOME-LD.service
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=
2017-06-12T20:29:41Z DEBUG stderr=
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=active

2017-06-12T20:29:41Z DEBUG stderr=
2017-06-12T20:29:41Z DEBUG wait_for_open_ports: localhost [389] timeout 300
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=active

2017-06-12T20:29:41Z DEBUG stderr=
2017-06-12T20:29:41Z DEBUG   duration: 1 seconds
2017-06-12T20:29:41Z DEBUG   [5/44]: adding default schema
2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [6/44]: enabling memberof plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/memberof-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpLXs1sg
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=replace nsslapd-pluginenabled:
	on
add memberofgroupattr:
	memberUser
add memberofgroupattr:
	memberHost
modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [7/44]: enabling winsync plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-winsync-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpqhqwNn
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	ipa-winsync
add nsslapd-pluginpath:
	libipa_winsync
add nsslapd-plugininitfunc:
	ipa_winsync_plugin_init
add nsslapd-pluginDescription:
	Allows IPA to work with the DS windows sync feature
add nsslapd-pluginid:
	ipa-winsync
add nsslapd-pluginversion:
	1.0
add nsslapd-pluginvendor:
	Red Hat
add nsslapd-plugintype:
	preoperation
add nsslapd-pluginenabled:
	on
add nsslapd-plugin-depends-on-type:
	database
add ipaWinSyncRealmFilter:
	(objectclass=krbRealmContainer)
add ipaWinSyncRealmAttr:
	cn
add ipaWinSyncNewEntryFilter:
	(cn=ipaConfig)
add ipaWinSyncNewUserOCAttr:
	ipauserobjectclasses
add ipaWinSyncUserFlatten:
	true
add ipaWinsyncHomeDirAttr:
	ipaHomesRootDir
add ipaWinsyncLoginShellAttr:
	ipaDefaultLoginShell
add ipaWinSyncDefaultGroupAttr:
	ipaDefaultPrimaryGroup
add ipaWinSyncDefaultGroupFilter:
	(gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames)
add ipaWinSyncAcctDisable:
	both
add ipaWinSyncForceSync:
	true
add ipaWinSyncUserAttr:
	uidNumber -1
	gidNumber -1
adding new entry "cn=ipa-winsync,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [8/44]: configuring replication version plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/version-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpp3TsrW
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	IPA Version Replication
add nsslapd-pluginpath:
	libipa_repl_version
add nsslapd-plugininitfunc:
	repl_version_plugin_init
add nsslapd-plugintype:
	preoperation
add nsslapd-pluginenabled:
	off
add nsslapd-pluginid:
	ipa_repl_version
add nsslapd-pluginversion:
	1.0
add nsslapd-pluginvendor:
	Red Hat, Inc.
add nsslapd-plugindescription:
	IPA Replication version plugin
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-plugin-depends-on-named:
	Multimaster Replication Plugin
adding new entry "cn=IPA Version Replication,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [9/44]: enabling IPA enrollment plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpctxKDu -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpLjWA3i
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	ipa_enrollment_extop
add nsslapd-pluginpath:
	libipa_enrollment_extop
add nsslapd-plugininitfunc:
	ipaenrollment_init
add nsslapd-plugintype:
	extendedop
add nsslapd-pluginenabled:
	on
add nsslapd-pluginid:
	ipa_enrollment_extop
add nsslapd-pluginversion:
	1.0
add nsslapd-pluginvendor:
	RedHat
add nsslapd-plugindescription:
	Enroll hosts into the IPA domain
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-realmTree:
	dc=home,dc=ld
adding new entry "cn=ipa_enrollment_extop,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [10/44]: enabling ldapi
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpk6aRi3 -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmp9y1VzO
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=replace nsslapd-ldapilisten:
	on
modifying entry "cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [11/44]: configuring uniqueness plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmppxYiie -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpzb2pDv
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectClass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	krbPrincipalName uniqueness
add nsslapd-pluginPath:
	libattr-unique-plugin
add nsslapd-pluginInitfunc:
	NSUniqueAttr_Init
add nsslapd-pluginType:
	preoperation
add nsslapd-pluginEnabled:
	on
add uniqueness-attribute-name:
	krbPrincipalName
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-pluginId:
	NSUniqueAttr
add nsslapd-pluginVersion:
	1.1.0
add nsslapd-pluginVendor:
	Fedora Project
add nsslapd-pluginDescription:
	Enforce unique attribute values
add uniqueness-subtrees:
	dc=home,dc=ld
add uniqueness-exclude-subtrees:
	cn=staged users,cn=accounts,cn=provisioning,dc=home,dc=ld
add uniqueness-across-all-subtrees:
	on
adding new entry "cn=krbPrincipalName uniqueness,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	krbCanonicalName uniqueness
add nsslapd-pluginPath:
	libattr-unique-plugin
add nsslapd-pluginInitfunc:
	NSUniqueAttr_Init
add nsslapd-pluginType:
	preoperation
add nsslapd-pluginEnabled:
	on
add uniqueness-attribute-name:
	krbCanonicalName
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-pluginId:
	NSUniqueAttr
add nsslapd-pluginVersion:
	1.1.0
add nsslapd-pluginVendor:
	Fedora Project
add nsslapd-pluginDescription:
	Enforce unique attribute values
add uniqueness-subtrees:
	dc=home,dc=ld
add uniqueness-exclude-subtrees:
	cn=staged users,cn=accounts,cn=provisioning,dc=home,dc=ld
add uniqueness-across-all-subtrees:
	on
adding new entry "cn=krbCanonicalName uniqueness,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	netgroup uniqueness
add nsslapd-pluginPath:
	libattr-unique-plugin
add nsslapd-pluginInitfunc:
	NSUniqueAttr_Init
add nsslapd-pluginType:
	preoperation
add nsslapd-pluginEnabled:
	on
add uniqueness-attribute-name:
	cn
add uniqueness-subtrees:
	cn=ng,cn=alt,dc=home,dc=ld
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-pluginId:
	NSUniqueAttr
add nsslapd-pluginVersion:
	1.1.0
add nsslapd-pluginVendor:
	Fedora Project
add nsslapd-pluginDescription:
	Enforce unique attribute values
adding new entry "cn=netgroup uniqueness,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	ipaUniqueID uniqueness
add nsslapd-pluginPath:
	libattr-unique-plugin
add nsslapd-pluginInitfunc:
	NSUniqueAttr_Init
add nsslapd-pluginType:
	preoperation
add nsslapd-pluginEnabled:
	on
add uniqueness-attribute-name:
	ipaUniqueID
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-pluginId:
	NSUniqueAttr
add nsslapd-pluginVersion:
	1.1.0
add nsslapd-pluginVendor:
	Fedora Project
add nsslapd-pluginDescription:
	Enforce unique attribute values
add uniqueness-subtrees:
	dc=home,dc=ld
add uniqueness-exclude-subtrees:
	cn=staged users,cn=accounts,cn=provisioning,dc=home,dc=ld
add uniqueness-across-all-subtrees:
	on
adding new entry "cn=ipaUniqueID uniqueness,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	sudorule name uniqueness
add nsslapd-pluginDescription:
	Enforce unique attribute values
add nsslapd-pluginPath:
	libattr-unique-plugin
add nsslapd-pluginInitfunc:
	NSUniqueAttr_Init
add nsslapd-pluginType:
	preoperation
add nsslapd-pluginEnabled:
	on
add uniqueness-attribute-name:
	cn
add uniqueness-subtrees:
	cn=sudorules,cn=sudo,dc=home,dc=ld
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-pluginId:
	NSUniqueAttr
add nsslapd-pluginVersion:
	1.1.0
add nsslapd-pluginVendor:
	Fedora Project
adding new entry "cn=sudorule name uniqueness,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [12/44]: configuring uuid plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/uuid-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpDZhjsz
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	IPA UUID
add nsslapd-pluginpath:
	libipa_uuid
add nsslapd-plugininitfunc:
	ipauuid_init
add nsslapd-plugintype:
	preoperation
add nsslapd-pluginenabled:
	on
add nsslapd-pluginid:
	ipauuid_version
add nsslapd-pluginversion:
	1.0
add nsslapd-pluginvendor:
	Red Hat, Inc.
add nsslapd-plugindescription:
	IPA UUID plugin
add nsslapd-plugin-depends-on-type:
	database
adding new entry "cn=IPA UUID,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpQ_Traz -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpkZaWLZ
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	extensibleObject
add cn:
	IPA Unique IDs
add ipaUuidAttr:
	ipaUniqueID
add ipaUuidMagicRegen:
	autogenerate
add ipaUuidFilter:
	(|(objectclass=ipaObject)(objectclass=ipaAssociation))
add ipaUuidScope:
	dc=home,dc=ld
add ipaUuidEnforce:
	TRUE
adding new entry "cn=IPA Unique IDs,cn=IPA UUID,cn=plugins,cn=config"
modify complete

add objectclass:
	top
	extensibleObject
add cn:
	IPK11 Unique IDs
add ipaUuidAttr:
	ipk11UniqueID
add ipaUuidMagicRegen:
	autogenerate
add ipaUuidFilter:
	(objectclass=ipk11Object)
add ipaUuidScope:
	dc=home,dc=ld
add ipaUuidEnforce:
	FALSE
adding new entry "cn=IPK11 Unique IDs,cn=IPA UUID,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [13/44]: configuring modrdn plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/modrdn-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpTLcteY
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	IPA MODRDN
add nsslapd-pluginpath:
	libipa_modrdn
add nsslapd-plugininitfunc:
	ipamodrdn_init
add nsslapd-plugintype:
	betxnpostoperation
add nsslapd-pluginenabled:
	on
add nsslapd-pluginid:
	ipamodrdn_version
add nsslapd-pluginversion:
	1.0
add nsslapd-pluginvendor:
	Red Hat, Inc.
add nsslapd-plugindescription:
	IPA MODRDN plugin
add nsslapd-plugin-depends-on-type:
	database
add nsslapd-pluginPrecedence:
	60
adding new entry "cn=IPA MODRDN,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp81FD6V -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmphKbgWf
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	extensibleObject
add cn:
	Kerberos Principal Name
add ipaModRDNsourceAttr:
	uid
add ipaModRDNtargetAttr:
	krbPrincipalName
add ipaModRDNsuffix:
	@HOME.LD
add ipaModRDNfilter:
	(&(objectclass=posixaccount)(objectclass=krbPrincipalAux))
add ipaModRDNscope:
	dc=home,dc=ld
adding new entry "cn=Kerberos Principal Name,cn=IPA MODRDN,cn=plugins,cn=config"
modify complete

add objectclass:
	top
	extensibleObject
add cn:
	Kerberos Canonical Name
add ipaModRDNsourceAttr:
	uid
add ipaModRDNtargetAttr:
	krbCanonicalName
add ipaModRDNsuffix:
	@HOME.LD
add ipaModRDNfilter:
	(&(objectclass=posixaccount)(objectclass=krbPrincipalAux))
add ipaModRDNscope:
	dc=home,dc=ld
adding new entry "cn=Kerberos Canonical Name,cn=IPA MODRDN,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [14/44]: configuring DNS plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-dns-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpCBMwdW
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsslapdPlugin
	extensibleObject
add cn:
	IPA DNS
add nsslapd-plugindescription:
	IPA DNS support plugin
add nsslapd-pluginenabled:
	on
add nsslapd-pluginid:
	ipa_dns
add nsslapd-plugininitfunc:
	ipadns_init
add nsslapd-pluginpath:
	libipa_dns.so
add nsslapd-plugintype:
	preoperation
add nsslapd-pluginvendor:
	Red Hat, Inc.
add nsslapd-pluginversion:
	1.0
add nsslapd-plugin-depends-on-type:
	database
adding new entry "cn=IPA DNS,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [15/44]: enabling entryUSN plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/entryusn.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpZ6U3yP
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=replace nsslapd-entryusn-global:
	on
modifying entry "cn=config"
modify complete

replace nsslapd-entryusn-import-initval:
	next
modifying entry "cn=config"
modify complete

replace nsslapd-pluginenabled:
	on
modifying entry "cn=USN,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [16/44]: configuring lockout plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/lockout-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpvczEva
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectclass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	IPA Lockout
add nsslapd-pluginpath:
	libipa_lockout
add nsslapd-plugininitfunc:
	ipalockout_init
add nsslapd-plugintype:
	object
add nsslapd-pluginenabled:
	on
add nsslapd-pluginid:
	ipalockout_version
add nsslapd-pluginversion:
	1.0
add nsslapd-pluginvendor:
	Red Hat, Inc.
add nsslapd-plugindescription:
	IPA Lockout plugin
add nsslapd-plugin-depends-on-type:
	database
adding new entry "cn=IPA Lockout,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [17/44]: configuring topology plugin
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpk9mwG2 -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpFSr231
2017-06-12T20:29:41Z DEBUG Process finished, return code=0
2017-06-12T20:29:41Z DEBUG stdout=add objectClass:
	top
	nsSlapdPlugin
	extensibleObject
add cn:
	IPA Topology Configuration
add nsslapd-pluginPath:
	libtopology
add nsslapd-pluginInitfunc:
	ipa_topo_init
add nsslapd-pluginType:
	object
add nsslapd-pluginEnabled:
	on
add nsslapd-topo-plugin-shared-config-base:
	cn=ipa,cn=etc,dc=home,dc=ld
add nsslapd-topo-plugin-shared-replica-root:
	dc=home,dc=ld
	o=ipaca
add nsslapd-topo-plugin-shared-binddngroup:
	cn=replication managers,cn=sysaccounts,cn=etc,dc=home,dc=ld
add nsslapd-topo-plugin-startup-delay:
	20
add nsslapd-pluginId:
	none
add nsslapd-plugin-depends-on-named:
	ldbm database
	Multimaster Replication Plugin
add nsslapd-pluginVersion:
	1.0
add nsslapd-pluginVendor:
	none
add nsslapd-pluginDescription:
	none
adding new entry "cn=IPA Topology Configuration,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:41Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:41Z DEBUG   duration: 0 seconds
2017-06-12T20:29:41Z DEBUG   [18/44]: creating indices
2017-06-12T20:29:41Z DEBUG Starting external process
2017-06-12T20:29:41Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/indices.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpkC3cg_
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=add objectClass:
	top
	nsIndex
add cn:
	krbPrincipalName
add nsSystemIndex:
	false
add nsIndexType:
	eq
	sub
add nsMatchingRule:
	caseIgnoreIA5Match
	caseExactIA5Match
adding new entry "cn=krbPrincipalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	ou
add nsSystemIndex:
	false
add nsIndexType:
	eq
	sub
adding new entry "cn=ou,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	carLicense
add nsSystemIndex:
	false
add nsIndexType:
	eq
	sub
adding new entry "cn=carLicense,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	title
add nsSystemIndex:
	false
add nsIndexType:
	eq
	sub
adding new entry "cn=title,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	manager
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=manager,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	secretary
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=secretary,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	displayname
add nsSystemIndex:
	false
add nsIndexType:
	eq
	sub
adding new entry "cn=displayname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add nsIndexType:
	sub
modifying entry "cn=uid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	uidnumber
add nsSystemIndex:
	false
add nsIndexType:
	eq
add nsMatchingRule:
	integerOrderingMatch
adding new entry "cn=uidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add objectClass:
	top
	nsIndex
add cn:
	gidnumber
add nsSystemIndex:
	false
add nsIndexType:
	eq
add nsMatchingRule:
	integerOrderingMatch
adding new entry "cn=gidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

replace nsIndexType:
	eq
	pres
modifying entry "cn=ntUniqueId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

replace nsIndexType:
	eq
	pres
modifying entry "cn=ntUserDomainId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add ObjectClass:
	top
	nsIndex
add cn:
	fqdn
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
adding new entry "cn=fqdn,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add ObjectClass:
	top
	nsIndex
add cn:
	macAddress
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
adding new entry "cn=macAddress,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	memberHost
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=memberHost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	memberUser
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=memberUser,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	sourcehost
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=sourcehost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	memberservice
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=memberservice,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	managedby
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=managedby,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	memberallowcmd
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=memberallowcmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	memberdenycmd
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=memberdenycmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipasudorunas
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=ipasudorunas,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipasudorunasgroup
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=ipasudorunasgroup,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	automountkey
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
adding new entry "cn=automountkey,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipakrbprincipalalias
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
adding new entry "cn=ipakrbprincipalalias,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipauniqueid
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
adding new entry "cn=ipauniqueid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipaMemberCa
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=ipaMemberCa,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipaMemberCertProfile
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
	sub
adding new entry "cn=ipaMemberCertProfile,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	userCertificate
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
adding new entry "cn=userCertificate,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	ipalocation
add ObjectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	pres
adding new entry "cn=ipalocation,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete

add cn:
	krbCanonicalName
add objectClass:
	top
	nsIndex
add nsSystemIndex:
	false
add nsIndexType:
	eq
	sub
adding new entry "cn=krbCanonicalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:42Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [19/44]: enabling referential integrity plugin
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/referint-conf.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpBjY_RK
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=replace nsslapd-pluginenabled:
	on
modifying entry "cn=referential integrity postoperation,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:42Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [20/44]: configuring certmap.conf
2017-06-12T20:29:42Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
2017-06-12T20:29:42Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
2017-06-12T20:29:42Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'
2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [21/44]: configure autobind for root
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/root-autobind.ldif -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpKS6UY6
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=add objectClass:
	extensibleObject
	top
add cn:
	root-autobind
add uidNumber:
	0
add gidNumber:
	0
adding new entry "cn=root-autobind,cn=config"
modify complete

replace nsslapd-ldapiautobind:
	on
modifying entry "cn=config"
modify complete

replace nsslapd-ldapimaptoentries:
	on
modifying entry "cn=config"
modify complete


2017-06-12T20:29:42Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [22/44]: configure new location for managed entries
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpONEPbD -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpwBssk0
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=add nsslapd-pluginConfigArea:
	cn=Definitions,cn=Managed Entries,cn=etc,dc=home,dc=ld
modifying entry "cn=Managed Entries,cn=plugins,cn=config"
modify complete


2017-06-12T20:29:42Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [23/44]: configure dirsrv ccache
2017-06-12T20:29:42Z DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv'
2017-06-12T20:29:42Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/usr/sbin/selinuxenabled
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=
2017-06-12T20:29:42Z DEBUG stderr=
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/sbin/restorecon /etc/sysconfig/dirsrv
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=
2017-06-12T20:29:42Z DEBUG stderr=
2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [24/44]: enabling SASL mapping fallback
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp_0Hq5j -H ldap://ipa2.home.ld:389 -x -D cn=Directory Manager -y /tmp/tmpHWzkqs
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=replace nsslapd-sasl-mapping-fallback:
	on
modifying entry "cn=config"
modify complete


2017-06-12T20:29:42Z DEBUG stderr=ldap_initialize( ldap://ipa2.home.ld:389/??base )

2017-06-12T20:29:42Z DEBUG   duration: 0 seconds
2017-06-12T20:29:42Z DEBUG   [25/44]: restarting directory server
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/bin/systemctl --system daemon-reload
2017-06-12T20:29:42Z DEBUG Process finished, return code=0
2017-06-12T20:29:42Z DEBUG stdout=
2017-06-12T20:29:42Z DEBUG stderr=
2017-06-12T20:29:42Z DEBUG Starting external process
2017-06-12T20:29:42Z DEBUG args=/bin/systemctl restart dirsrv@HOME-LD.service
2017-06-12T20:29:43Z DEBUG Process finished, return code=0
2017-06-12T20:29:43Z DEBUG stdout=
2017-06-12T20:29:43Z DEBUG stderr=
2017-06-12T20:29:43Z DEBUG Starting external process
2017-06-12T20:29:43Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:43Z DEBUG Process finished, return code=0
2017-06-12T20:29:43Z DEBUG stdout=active

2017-06-12T20:29:43Z DEBUG stderr=
2017-06-12T20:29:43Z DEBUG wait_for_open_ports: localhost [389] timeout 300
2017-06-12T20:29:43Z DEBUG Starting external process
2017-06-12T20:29:43Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:43Z DEBUG Process finished, return code=0
2017-06-12T20:29:43Z DEBUG stdout=active

2017-06-12T20:29:43Z DEBUG stderr=
2017-06-12T20:29:43Z DEBUG   duration: 1 seconds
2017-06-12T20:29:43Z DEBUG   [26/44]: creating DS keytab
2017-06-12T20:29:43Z DEBUG Backing up system configuration file '/etc/dirsrv/ds.keytab'
2017-06-12T20:29:43Z DEBUG   -> Not backing up - '/etc/dirsrv/ds.keytab' doesn't exist
2017-06-12T20:29:43Z DEBUG raw: service_add(u'ldap/ipa2.home...@home.ld', force=True, version=u'2.213')
2017-06-12T20:29:43Z DEBUG service_add(<ipapython.kerberos.Principal object at 0x90f8f90>, force=True, all=False, raw=False, version=u'2.213', no_members=False)
2017-06-12T20:29:43Z DEBUG flushing ldaps://ipa1.home.ld from SchemaCache
2017-06-12T20:29:43Z DEBUG retrieving schema for SchemaCache url=ldaps://ipa1.home.ld conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x86b4e60>
2017-06-12T20:29:44Z DEBUG raw: host_show(u'ipa2.home.ld', version=u'2.213')
2017-06-12T20:29:44Z DEBUG host_show(u'ipa2.home.ld', rights=False, all=False, raw=False, version=u'2.213', no_members=False)
2017-06-12T20:29:44Z DEBUG Starting external process
2017-06-12T20:29:44Z DEBUG args=/usr/sbin/ipa-getkeytab -k /etc/dirsrv/ds.keytab -p ldap/ipa2.home...@home.ld -s ipa1.home.ld
2017-06-12T20:29:44Z DEBUG Process finished, return code=0
2017-06-12T20:29:44Z DEBUG stdout=
2017-06-12T20:29:44Z DEBUG stderr=Keytab successfully retrieved and stored in: /etc/dirsrv/ds.keytab

2017-06-12T20:29:44Z DEBUG   duration: 0 seconds
2017-06-12T20:29:44Z DEBUG   [27/44]: retrieving DS Certificate
2017-06-12T20:29:44Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2017-06-12T20:29:44Z DEBUG Starting external process
2017-06-12T20:29:44Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-HOME-LD/ -L -n HOME.LD IPA CA -a
2017-06-12T20:29:44Z DEBUG Process finished, return code=255
2017-06-12T20:29:44Z DEBUG stdout=
2017-06-12T20:29:44Z DEBUG stderr=certutil: Could not find cert: HOME.LD IPA CA
: PR_FILE_NOT_FOUND_ERROR: File not found

2017-06-12T20:29:44Z DEBUG Starting external process
2017-06-12T20:29:44Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-HOME-LD/ -N -f /etc/dirsrv/slapd-HOME-LD//pwdfile.txt
2017-06-12T20:29:44Z DEBUG Process finished, return code=0
2017-06-12T20:29:44Z DEBUG stdout=
2017-06-12T20:29:44Z DEBUG stderr=
2017-06-12T20:29:44Z DEBUG Starting external process
2017-06-12T20:29:44Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-HOME-LD/ -A -n HOME.LD IPA CA -t CT,C,C -a
2017-06-12T20:29:44Z DEBUG Process finished, return code=0
2017-06-12T20:29:44Z DEBUG stdout=
2017-06-12T20:29:44Z DEBUG stderr=
2017-06-12T20:29:44Z DEBUG certmonger request is in state dbus.String(u'NEWLY_ADDED_READING_KEYINFO', variant_level=1)
2017-06-12T20:29:49Z DEBUG certmonger request is in state dbus.String(u'MONITORING', variant_level=1)
2017-06-12T20:29:49Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-HOME-LD.socket from SchemaCache
2017-06-12T20:29:49Z DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-HOME-LD.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x92829e0>
2017-06-12T20:29:50Z DEBUG   duration: 5 seconds
2017-06-12T20:29:50Z DEBUG   [28/44]: restarting directory server
2017-06-12T20:29:50Z DEBUG Starting external process
2017-06-12T20:29:50Z DEBUG args=/bin/systemctl --system daemon-reload
2017-06-12T20:29:50Z DEBUG Process finished, return code=0
2017-06-12T20:29:50Z DEBUG stdout=
2017-06-12T20:29:50Z DEBUG stderr=
2017-06-12T20:29:50Z DEBUG Starting external process
2017-06-12T20:29:50Z DEBUG args=/bin/systemctl restart dirsrv@HOME-LD.service
2017-06-12T20:29:52Z DEBUG Process finished, return code=0
2017-06-12T20:29:52Z DEBUG stdout=
2017-06-12T20:29:52Z DEBUG stderr=
2017-06-12T20:29:52Z DEBUG Starting external process
2017-06-12T20:29:52Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:52Z DEBUG Process finished, return code=0
2017-06-12T20:29:52Z DEBUG stdout=active

2017-06-12T20:29:52Z DEBUG stderr=
2017-06-12T20:29:52Z DEBUG wait_for_open_ports: localhost [389] timeout 300
2017-06-12T20:29:52Z DEBUG Starting external process
2017-06-12T20:29:52Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:52Z DEBUG Process finished, return code=0
2017-06-12T20:29:52Z DEBUG stdout=active

2017-06-12T20:29:52Z DEBUG stderr=
2017-06-12T20:29:52Z DEBUG   duration: 2 seconds
2017-06-12T20:29:52Z DEBUG   [29/44]: setting up initial replication
2017-06-12T20:29:52Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-HOME-LD.socket from SchemaCache
2017-06-12T20:29:52Z DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-HOME-LD.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x86ce518>
2017-06-12T20:29:53Z DEBUG Starting external process
2017-06-12T20:29:53Z DEBUG args=/bin/systemctl --system daemon-reload
2017-06-12T20:29:53Z DEBUG Process finished, return code=0
2017-06-12T20:29:53Z DEBUG stdout=
2017-06-12T20:29:53Z DEBUG stderr=
2017-06-12T20:29:53Z DEBUG Starting external process
2017-06-12T20:29:53Z DEBUG args=/bin/systemctl restart dirsrv@HOME-LD.service
2017-06-12T20:29:56Z DEBUG Process finished, return code=0
2017-06-12T20:29:56Z DEBUG stdout=
2017-06-12T20:29:56Z DEBUG stderr=
2017-06-12T20:29:56Z DEBUG Starting external process
2017-06-12T20:29:56Z DEBUG args=/bin/systemctl is-active dirsrv@HOME-LD.service
2017-06-12T20:29:56Z DEBUG Process finished, return code=0
2017-06-12T20:29:56Z DEBUG stdout=active

2017-06-12T20:29:56Z DEBUG stderr=
2017-06-12T20:29:56Z DEBUG wait_for_open_ports: localhost [389] timeout 300
2017-06-12T20:29:56Z DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5]
2017-06-12T20:29:56Z DEBUG flushing ldap://ipa1.home.ld:389 from SchemaCache
2017-06-12T20:29:56Z DEBUG retrieving schema for SchemaCache url=ldap://ipa1.home.ld:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0xa420c68>
2017-06-12T20:29:56Z DEBUG Successfully updated nsDS5ReplicaId.
2017-06-12T20:29:56Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-HOME-LD.socket from SchemaCache
2017-06-12T20:29:56Z DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-HOME-LD.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0xa6547a0>
2017-06-12T20:30:13Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 449, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 439, in run_step
    method()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 416, in __setup_replica
    repl.setup_promote_replication(self.master_fqdn)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1643, in setup_promote_replication
    raise RuntimeError("Failed to start replication")
RuntimeError: Failed to start replication

2017-06-12T20:30:13Z DEBUG   [error] RuntimeError: Failed to start replication
2017-06-12T20:30:13Z DEBUG Destroyed connection context.ldap2_110636944
2017-06-12T20:30:13Z DEBUG   File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute
    return_value = self.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in run
    cfgr.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 310, in run
    self.execute()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 332, in execute
    for nothing in self._executor():
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 586, in _configure
    next(executor)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 449, in _handle_exception
    self.__parent._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 446, in _handle_exception
    super(ComponentBase, self)._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install
    for nothing in self._installer(self.parent):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1722, in main
    promote(self)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 372, in decorated
    func(installer)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1423, in promote
    promote=True, pkcs12_info=dirsrv_pkcs12_info)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 135, in install_replica_ds
    api=remote_api,
  File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 401, in create_replica
    self.start_creation(runtime=60)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 449, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 439, in run_step
    method()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 416, in __setup_replica
    repl.setup_promote_replication(self.master_fqdn)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1643, in setup_promote_replication
    raise RuntimeError("Failed to start replication")

2017-06-12T20:30:13Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication
2017-06-12T20:30:13Z ERROR Failed to start replication
2017-06-12T20:30:13Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information

_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

[Freeipa-users] FreeIPA Replica Install issue on CentOS 7.3 and ipa 4.4.0

Reply via email to