so its a fresh CentOS 7 box, i installed the "master" ok but getting replicas done is pitching me fits... any ideas?
ipa-client-install --domain=optimcloud.com --realm=OPTIMCLOUD.COM --force-join Skip ipa2.optimcloud.com: LDAP server is not responding, unable to verify if this is an IPA server Discovery was successful! Client hostname: ipa2.optimcloud.com Realm: OPTIMCLOUD.COM DNS Domain: optimcloud.com IPA Server: ipa3.optimcloud.com BaseDN: dc=optimcloud,dc=com Continue to configure the system with these values? [no]: yes Synchronizing time with KDC... Attempting to sync time using ntpd. Will timeout after 15 seconds Attempting to sync time using ntpd. Will timeout after 15 seconds User authorized to enroll computers: admin Password for ad...@optimcloud.com: Successfully retrieved CA cert Subject: CN=Certificate Authority,O=OPTIMCLOUD.COM Issuer: CN=Certificate Authority,O=OPTIMCLOUD.COM Valid From: 2017-11-08 09:51:27 Valid Until: 2037-11-08 09:51:27 Enrolled in IPA realm OPTIMCLOUD.COM Created /etc/ipa/default.conf New SSSD config will be created Configured sudoers in /etc/nsswitch.conf Configured /etc/sssd/sssd.conf Configured /etc/krb5.conf for IPA realm OPTIMCLOUD.COM trying https://ipa3.optimcloud.com/ipa/json [try 1]: Forwarding 'ping' to json server 'https://ipa3.optimcloud.com/ipa/json' [try 1]: Forwarding 'ca_is_enabled' to json server 'https://ipa3.optimcloud.com/ipa/json' Systemwide CA database updated. Hostname (ipa2.optimcloud.com) does not have A/AAAA record. Missing A/AAAA record(s) for host ipa2.optimcloud.com: 148.251.24.3. Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub [try 1]: Forwarding 'host_mod' to json server 'https://ipa3.optimcloud.com/ipa/json' SSSD enabled Configured /etc/openldap/ldap.conf NTP enabled Configured /etc/ssh/ssh_config Configured /etc/ssh/sshd_config Configuring optimcloud.com as NIS domain. Client configuration complete. The ipa-client-install command was successful [root@ipa2 ~]# ipa-replica-install --skip-conncheck --setup-dns --no-forwarders ipa : ERROR Reverse DNS resolution of address 148.251.24.3 (ipa2.optimcloud.com) failed. Clients may not function properly. Please che ck your DNS setup. (Note that this check queries IPA DNS directly and ignores /etc/hosts.) Continue? [no]: yes Configuring NTP daemon (ntpd) [1/4]: stopping ntpd [2/4]: writing configuration [3/4]: configuring ntpd to start on boot [4/4]: starting ntpd Done configuring NTP daemon (ntpd). Configuring directory server (dirsrv). Estimated time: 30 seconds [1/40]: creating directory server instance [2/40]: enabling ldapi [3/40]: configure autobind for root [4/40]: stopping directory server [5/40]: updating configuration in dse.ldif [6/40]: starting directory server [7/40]: adding default schema [8/40]: enabling memberof plugin [9/40]: enabling winsync plugin [10/40]: configuring replication version plugin [11/40]: enabling IPA enrollment plugin [12/40]: configuring uniqueness plugin [13/40]: configuring uuid plugin [14/40]: configuring modrdn plugin [15/40]: configuring DNS plugin [16/40]: enabling entryUSN plugin [17/40]: configuring lockout plugin [18/40]: configuring topology plugin [19/40]: creating indices [20/40]: enabling referential integrity plugin [21/40]: configuring certmap.conf [22/40]: configure new location for managed entries [23/40]: configure dirsrv ccache [24/40]: enabling SASL mapping fallback [25/40]: restarting directory server [26/40]: creating DS keytab [27/40]: setting up initial replication [error] DatabaseError: Server is unwilling to perform: Entry is managed by topology plugin. Adding of entry not allowed. Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR Server is unwilling to perform: Entry is managed by topology plugin. Adding of entry not allowed. ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-inst all.log for more information _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
