server 2 can syn update to server 1 but reverse fail Any idea? error below:
Can't contact LDAP server [26/Apr/2016:18:40:13 +0800] - Skipping CoS Definition cn=Password Policy,cn=accounts,dc=ABC,dc=com--no CoS Templates found, which should be added before the CoS Definition. [26/Apr/2016:18:40:19 +0800] - Skipping CoS Definition cn=Password Policy,cn=accounts,dc=ABC,dc=com--no CoS Templates found, which should be added before the CoS Definition. [26/Apr/2016:18:40:19 +0800] set_krb5_creds - Could not get initial credentials for principal [ldap/central.abc....@abc.com] in keytab [FILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC for requested realm) [26/Apr/2016:18:40:19 +0800] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Credentials cache file '/tmp/krb5cc_492' not found)) errno 0 (Success) [26/Apr/2016:18:40:19 +0800] slapi_ldap_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: error -2 (Local error) [26/Apr/2016:18:40:19 +0800] NSMMReplicationPlugin - agmt="cn= meTocentral02.ABC.com" (central02:389): Replication bind with GSSAPI auth failed: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Credentials cache file '/tmp/krb5cc_492' not found)) [26/Apr/2016:18:40:19 +0800] - slapd started. Listening on All Interfaces port 389 for LDAP requests [26/Apr/2016:18:40:19 +0800] - Listening on /var/run/slapd-ABC-COM.socket for LDAPI requests [26/Apr/2016:18:40:23 +0800] NSMMReplicationPlugin - agmt="cn= meTocentral02.ABC.com" (central02:389): Replication bind with GSSAPI auth resumed [26/Apr/2016:18:40:23 +0800] NSMMReplicationPlugin - agmt="cn= meTocentral02.ABC.com" (central02:389): Missing data encountered [26/Apr/2016:18:40:23 +0800] NSMMReplicationPlugin - agmt="cn= meTocentral02.ABC.com" (central02:389): Incremental update failed and requires administrator action > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project