Hello,
I have a weird issue setting up FreeIPA replica. Conncheck passes fine
but at the end of ipa-replica-install I always get following error:
slapi_ldap_bind -Error: could not send startTLS request: error -11
(Connect error) errno 0 (Success)
on both master and replica without any further ex
ck passes fine between nodes
- I can bind manually just fine
On 2016/02/08 18:05, Filip Pytloun wrote:
> Hello,
>
> I have a weird issue setting up FreeIPA replica. Conncheck passes fine
> but at the end of ipa-replica-install I always get following error:
>
> slapi_ldap_bind -Error
:00 +0100] conn=15 TLS1.2 128-bit AES-GCM
[12/Feb/2016:15:34:00 +0100] conn=15 op=-1 fd=64 closed - B1
On 2016/02/12 15:22, Ludwig Krispenz wrote:
>
> On 02/12/2016 03:06 PM, Filip Pytloun wrote:
> >Hello,
> >
> >even when enabling replication logging, I get nothing usef
allow just to be sure (in case that
bad cert is provided).
On 2016/02/12 16:57, Ludwig Krispenz wrote:
>
> On 02/12/2016 03:35 PM, Filip Pytloun wrote:
> >It's the same as for idm01:
> >
> >[12/Feb/2016:15:24:26 +0100] NSMMReplicationPlugin -
> >agmt="cn=me
Hello,
we are using Ubuntu 14.04 on FreeIPA clients and Ubuntu 16.04 on FreeIPA
server for 2 months with no critical issues.
Using newer freeipa-client was not needed, only sssd update from here,
because trusty version is buggy:
https://launchpad.net/~sssd/+archive/ubuntu/updates?field.series_fil
-x' '-D' 'cn=Directory Manager' '-y'
'/tmp/tmpIV39iM'' returned non-zero exit status 53
On 2016/02/15 11:06, Ludwig Krispenz wrote:
>
> On 02/12/2016 06:22 PM, Filip Pytloun wrote:
> >Following is in /etc/ldap/ldap.conf on both serv
x27;s some functional workaround? :-/
On 2016/02/15 09:23, Rob Crittenden wrote:
> Filip Pytloun wrote:
> > I am using Ubuntu 16.04 (Xenial), there's no /etc/openldap
>
> That's the problem right there. I don't believe Ubuntu supports setting
> up replication agr
My change was already applied in
bind9 (1:9.10.3.dfsg.P2-4) experimental; urgency=medium
I don't know if it could be shipped by sssd package as the policy is for
usr.bin.named binary.
On 2016/02/22 07:11, Timo Aaltonen wrote:
> 14.02.2016, 09:14, Filip Pytloun kirjoitti:
> > Hell