Hey, Since I've setup a replica it gives errors like these:
[17/Oct/2017:11:36:55 +0200] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) errno 2 (No such file or directory) [17/Oct/2017:11:36:56 +0200] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) errno 2 (No such file or directory) [17/Oct/2017:11:36:56 +0200] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -2 (Local error) [17/Oct/2017:11:36:56 +0200] NSMMReplicationPlugin - agmt="cn=meTorotte.ghs.nl" (rotte:389): Replication bind with GSSAPI auth failed: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) [17/Oct/2017:11:36:59 +0200] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) errno 2 (No such file or directory) [17/Oct/2017:11:36:59 +0200] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) errno 2 (No such file or directory) [17/Oct/2017:11:36:59 +0200] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -2 (Local error) [17/Oct/2017:11:37:05 +0200] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) errno 2 (No such file or directory) [17/Oct/2017:11:37:05 +0200] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)) errno 2 (No such file or directory) [17/Oct/2017:11:37:05 +0200] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -2 (Local error) [17/Oct/2017:11:37:18 +0200] NSMMReplicationPlugin - agmt="cn=meTorotte.ghs.nl" (rotte:389): Replication bind with GSSAPI auth resumed I'm looking for hints how to debug this. And of course it would be nice if someone knows how to solve this. Details about the installation. Both servers: Ubuntu 16.04, freeipa version 4.3.1-0ubuntu1 The original master is rotte.ghs.nl and my replica is linge.ghs.nl. The above log is on the replica (linge). Perhaps the following is valuable information, perhaps not. The installation failed at first due to a timeout problem. I've changed the Python to increase the time, and after that the replica installation succeeded. I'm able to connect to it (LDAP and web UI), and new information entered in the master was replicated correctly. But now I see some clients having Kerberos ticket problems, most likely because they use the replica, which is not valid anymore. Should I abandon the replica and reinstall it, and if so, how should I do that (safely)? -- Kees Bakker _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org