Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Error creating FreeIPA replica on LXC
[root@ctipa ~]# ipa-replica-install -v -n ipa.pdp7.net -P alex -w $pw --mkhomedir
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG Logging to /var/log/ipareplica-install.log
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG ipa-replica-install was invoked with arguments [] and options: {'no_dns_sshfp': False, 'skip_schema_check': False, 'no_ntp': False, 'setup_kra': False, 'ip_addresses': None, 'secondary_rid_base': None, 'netbios_name': None, 'mkhomedir': True, 'http_cert_files': None, 'no_pkinit': False, 'principal': 'alex', 'no_forwarders': False, 'add_sids': False, 'keytab': None, 'ssh_trust_dns': False, 'no_msdcs': False, 'domain_name': 'ipa.pdp7.net', 'setup_adtrust': False, 'http_cert_name': None, 'dirsrv_cert_files': None, 'no_dnssec_validation': False, 'no_reverse': False, 'pkinit_cert_files': None, 'unattended': False, 'skip_conncheck': False, 'auto_reverse': False, 'auto_forwarders': False, 'no_host_dns': False, 'dirsrv_cert_name': None, 'no_ui_redirect': False, 'dirsrv_config_file': None, 'forwarders': None, 'verbose': True, 'setup_ca': False, 'servers': None, 'pkinit_cert_name': None, 'no_ssh': False, 'enable_compat': False, 'add_agents': False, 'realm_name': None, 'force_join': False, 'no_sshd': False, 'forward_policy': None, 'rid_base': None, 'quiet': False, 'setup_dns': False, 'host_name': None, 'log_file': None, 'reverse_zones': None, 'allow_zone_overlap': False}
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG IPA version 4.5.0-22.el7.centos
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG httpd is not configured
ipa : DEBUG kadmin is not configured
ipa : DEBUG dirsrv is not configured
ipa : DEBUG pki-tomcatd is not configured
ipa : DEBUG install is not configured
ipa : DEBUG krb5kdc is not configured
ipa : DEBUG ntpd is not configured
ipa : DEBUG named is not configured
ipa : DEBUG filestore is tracking no files
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=VirtualHost configuration:
*:8443 ctipa.h2.int.pdp7.net (/etc/httpd/conf.d/nss.conf:83)
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled chronyd.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=Failed to get unit file state for chronyd.service: No such file or directory
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active chronyd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
ipa : DEBUG Configuring client side components
Configuring client side components
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/ipa-client-install --unattended --no-ntp --domain ipa.pdp7.net --principal alex --mkhomedir
Discovery was successful!
Client hostname: ctipa.h2.int.pdp7.net
Realm: IPA.PDP7.NET
DNS Domain: ipa.pdp7.net
IPA Server: ovh1.pdp7.net
BaseDN: dc=ipa,dc=pdp7,dc=net
Skipping synchronizing time with NTP server.
Successfully retrieved CA cert
Subject: CN=Certificate Authority,O=IPA.PDP7.NET
Issuer: CN=Certificate Authority,O=IPA.PDP7.NET
Valid From: 2018-01-07 18:29:55
Valid Until: 2038-01-07 18:29:55
Enrolled in IPA realm IPA.PDP7.NET
Created /etc/ipa/default.conf
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm IPA.PDP7.NET
trying https://ovh1.pdp7.net/ipa/json
[try 1]: Forwarding 'schema' to json server 'https://ovh1.pdp7.net/ipa/json'
trying https://ovh1.pdp7.net/ipa/session/json
[try 1]: Forwarding 'ping' to json server 'https://ovh1.pdp7.net/ipa/session/json'
[try 1]: Forwarding 'ca_is_enabled' to json server 'https://ovh1.pdp7.net/ipa/session/json'
Systemwide CA database updated.
Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
[try 1]: Forwarding 'host_mod' to json server 'https://ovh1.pdp7.net/ipa/session/json'
Could not update DNS SSHFP records.
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Configuring ipa.pdp7.net as NIS domain.
Client configuration complete.
The ipa-client-install command was successful
ipa : DEBUG Process finished, return code=0
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG importing all plugin modules in ipaserver.plugins...
ipa : DEBUG importing plugin module ipaserver.plugins.aci
ipa : DEBUG importing plugin module ipaserver.plugins.automember
ipa : DEBUG importing plugin module ipaserver.plugins.automount
ipa : DEBUG importing plugin module ipaserver.plugins.baseldap
ipa : DEBUG ipaserver.plugins.baseldap is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.baseuser
ipa : DEBUG importing plugin module ipaserver.plugins.batch
ipa : DEBUG importing plugin module ipaserver.plugins.ca
ipa : DEBUG importing plugin module ipaserver.plugins.caacl
ipa : DEBUG importing plugin module ipaserver.plugins.cert
ipa : DEBUG importing plugin module ipaserver.plugins.certmap
ipa : DEBUG importing plugin module ipaserver.plugins.certprofile
ipa : DEBUG importing plugin module ipaserver.plugins.config
ipa : DEBUG importing plugin module ipaserver.plugins.delegation
ipa : DEBUG importing plugin module ipaserver.plugins.dns
ipa : DEBUG importing plugin module ipaserver.plugins.dnsserver
ipa : DEBUG importing plugin module ipaserver.plugins.dogtag
ipa : DEBUG skipping plugin module ipaserver.plugins.dogtag: dogtag not selected as RA plugin
ipa : DEBUG importing plugin module ipaserver.plugins.domainlevel
ipa : DEBUG importing plugin module ipaserver.plugins.group
ipa : DEBUG importing plugin module ipaserver.plugins.hbac
ipa : DEBUG ipaserver.plugins.hbac is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.hbacrule
ipa : DEBUG importing plugin module ipaserver.plugins.hbacsvc
ipa : DEBUG importing plugin module ipaserver.plugins.hbacsvcgroup
ipa : DEBUG importing plugin module ipaserver.plugins.hbactest
ipa : DEBUG importing plugin module ipaserver.plugins.host
ipa : DEBUG importing plugin module ipaserver.plugins.hostgroup
ipa : DEBUG importing plugin module ipaserver.plugins.idrange
ipa : DEBUG importing plugin module ipaserver.plugins.idviews
ipa : DEBUG importing plugin module ipaserver.plugins.internal
ipa : DEBUG importing plugin module ipaserver.plugins.join
ipa : DEBUG importing plugin module ipaserver.plugins.krbtpolicy
ipa : DEBUG importing plugin module ipaserver.plugins.ldap2
ipa : DEBUG importing plugin module ipaserver.plugins.location
ipa : DEBUG importing plugin module ipaserver.plugins.migration
ipa : DEBUG importing plugin module ipaserver.plugins.misc
ipa : DEBUG importing plugin module ipaserver.plugins.netgroup
ipa : DEBUG importing plugin module ipaserver.plugins.otp
ipa : DEBUG ipaserver.plugins.otp is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.otpconfig
ipa : DEBUG importing plugin module ipaserver.plugins.otptoken
ipa : DEBUG importing plugin module ipaserver.plugins.passwd
ipa : DEBUG importing plugin module ipaserver.plugins.permission
ipa : DEBUG importing plugin module ipaserver.plugins.ping
ipa : DEBUG importing plugin module ipaserver.plugins.pkinit
ipa : DEBUG importing plugin module ipaserver.plugins.privilege
ipa : DEBUG importing plugin module ipaserver.plugins.pwpolicy
ipa : DEBUG importing plugin module ipaserver.plugins.rabase
ipa : DEBUG ipaserver.plugins.rabase is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.radiusproxy
ipa : DEBUG importing plugin module ipaserver.plugins.realmdomains
ipa : DEBUG importing plugin module ipaserver.plugins.role
ipa : DEBUG importing plugin module ipaserver.plugins.schema
ipa : DEBUG importing plugin module ipaserver.plugins.selfservice
ipa : DEBUG importing plugin module ipaserver.plugins.selinuxusermap
ipa : DEBUG importing plugin module ipaserver.plugins.server
ipa : DEBUG importing plugin module ipaserver.plugins.serverrole
ipa : DEBUG importing plugin module ipaserver.plugins.serverroles
ipa : DEBUG importing plugin module ipaserver.plugins.service
ipa : DEBUG importing plugin module ipaserver.plugins.servicedelegation
ipa : DEBUG importing plugin module ipaserver.plugins.session
ipa : DEBUG importing plugin module ipaserver.plugins.stageuser
ipa : DEBUG importing plugin module ipaserver.plugins.sudo
ipa : DEBUG ipaserver.plugins.sudo is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.sudocmd
ipa : DEBUG importing plugin module ipaserver.plugins.sudocmdgroup
ipa : DEBUG importing plugin module ipaserver.plugins.sudorule
ipa : DEBUG importing plugin module ipaserver.plugins.topology
ipa : DEBUG importing plugin module ipaserver.plugins.trust
ipa : DEBUG importing plugin module ipaserver.plugins.user
ipa : DEBUG importing plugin module ipaserver.plugins.vault
ipa : DEBUG importing plugin module ipaserver.plugins.virtual
ipa : DEBUG ipaserver.plugins.virtual is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.whoami
ipa : DEBUG importing plugin module ipaserver.plugins.xmlserver
ipa : DEBUG importing all plugin modules in ipaserver.install.plugins...
ipa : DEBUG importing plugin module ipaserver.install.plugins.adtrust
ipa : DEBUG importing plugin module ipaserver.install.plugins.ca_renewal_master
ipa : DEBUG importing plugin module ipaserver.install.plugins.dns
ipa : DEBUG importing plugin module ipaserver.install.plugins.fix_replica_agreements
ipa : DEBUG importing plugin module ipaserver.install.plugins.rename_managed
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_ca_topology
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_dna_shared_config
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_fix_duplicate_cacrt_in_ldap
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_idranges
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_ldap_server_list
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_managed_permissions
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_nis
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_pacs
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_passsync
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_ra_cert_store
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_referint
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_services
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_uniqueness
ipa : DEBUG importing plugin module ipaserver.install.plugins.upload_cacrt
ipa : DEBUG Check if ctipa.h2.int.pdp7.net is a primary hostname for localhost
ipa : DEBUG Primary hostname for localhost: ctipa.h2.int.pdp7.net
ipa : DEBUG Search DNS for ctipa.h2.int.pdp7.net
ipa : DEBUG Check if ctipa.h2.int.pdp7.net is not a CNAME
ipa : DEBUG Check reverse address of 10.42.42.73
ipa : DEBUG Found reverse name: ctipa.h2.int.pdp7.net
ipa : DEBUG Check if ovh1.pdp7.net is a primary hostname for localhost
ipa : DEBUG Primary hostname for localhost: ovh1.pdp7.net
ipa : DEBUG Search DNS for ovh1.pdp7.net
ipa : DEBUG Check if ovh1.pdp7.net is not a CNAME
ipa : DEBUG Check reverse address of 213.32.20.171
ipa : DEBUG Found reverse name: ovh1.pdp7.net
ipa : DEBUG Initializing principal host/ctipa.h2.int.pdp7.net@IPA.PDP7.NET using keytab /etc/krb5.keytab
ipa : DEBUG using ccache /tmp/krbccsaAAAb/ccache
ipa : DEBUG Attempt 1/1: success
ipa : DEBUG importing all plugin modules in ipaserver.plugins...
ipa : DEBUG importing plugin module ipaserver.plugins.aci
ipa : DEBUG importing plugin module ipaserver.plugins.automember
ipa : DEBUG importing plugin module ipaserver.plugins.automount
ipa : DEBUG importing plugin module ipaserver.plugins.baseldap
ipa : DEBUG ipaserver.plugins.baseldap is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.baseuser
ipa : DEBUG importing plugin module ipaserver.plugins.batch
ipa : DEBUG importing plugin module ipaserver.plugins.ca
ipa : DEBUG importing plugin module ipaserver.plugins.caacl
ipa : DEBUG importing plugin module ipaserver.plugins.cert
ipa : DEBUG importing plugin module ipaserver.plugins.certmap
ipa : DEBUG importing plugin module ipaserver.plugins.certprofile
ipa : DEBUG importing plugin module ipaserver.plugins.config
ipa : DEBUG importing plugin module ipaserver.plugins.delegation
ipa : DEBUG importing plugin module ipaserver.plugins.dns
ipa : DEBUG importing plugin module ipaserver.plugins.dnsserver
ipa : DEBUG importing plugin module ipaserver.plugins.dogtag
ipa : DEBUG skipping plugin module ipaserver.plugins.dogtag: dogtag not selected as RA plugin
ipa : DEBUG importing plugin module ipaserver.plugins.domainlevel
ipa : DEBUG importing plugin module ipaserver.plugins.group
ipa : DEBUG importing plugin module ipaserver.plugins.hbac
ipa : DEBUG ipaserver.plugins.hbac is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.hbacrule
ipa : DEBUG importing plugin module ipaserver.plugins.hbacsvc
ipa : DEBUG importing plugin module ipaserver.plugins.hbacsvcgroup
ipa : DEBUG importing plugin module ipaserver.plugins.hbactest
ipa : DEBUG importing plugin module ipaserver.plugins.host
ipa : DEBUG importing plugin module ipaserver.plugins.hostgroup
ipa : DEBUG importing plugin module ipaserver.plugins.idrange
ipa : DEBUG importing plugin module ipaserver.plugins.idviews
ipa : DEBUG importing plugin module ipaserver.plugins.internal
ipa : DEBUG importing plugin module ipaserver.plugins.join
ipa : DEBUG importing plugin module ipaserver.plugins.krbtpolicy
ipa : DEBUG importing plugin module ipaserver.plugins.ldap2
ipa : DEBUG importing plugin module ipaserver.plugins.location
ipa : DEBUG importing plugin module ipaserver.plugins.migration
ipa : DEBUG importing plugin module ipaserver.plugins.misc
ipa : DEBUG importing plugin module ipaserver.plugins.netgroup
ipa : DEBUG importing plugin module ipaserver.plugins.otp
ipa : DEBUG ipaserver.plugins.otp is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.otpconfig
ipa : DEBUG importing plugin module ipaserver.plugins.otptoken
ipa : DEBUG importing plugin module ipaserver.plugins.passwd
ipa : DEBUG importing plugin module ipaserver.plugins.permission
ipa : DEBUG importing plugin module ipaserver.plugins.ping
ipa : DEBUG importing plugin module ipaserver.plugins.pkinit
ipa : DEBUG importing plugin module ipaserver.plugins.privilege
ipa : DEBUG importing plugin module ipaserver.plugins.pwpolicy
ipa : DEBUG importing plugin module ipaserver.plugins.rabase
ipa : DEBUG ipaserver.plugins.rabase is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.radiusproxy
ipa : DEBUG importing plugin module ipaserver.plugins.realmdomains
ipa : DEBUG importing plugin module ipaserver.plugins.role
ipa : DEBUG importing plugin module ipaserver.plugins.schema
ipa : DEBUG importing plugin module ipaserver.plugins.selfservice
ipa : DEBUG importing plugin module ipaserver.plugins.selinuxusermap
ipa : DEBUG importing plugin module ipaserver.plugins.server
ipa : DEBUG importing plugin module ipaserver.plugins.serverrole
ipa : DEBUG importing plugin module ipaserver.plugins.serverroles
ipa : DEBUG importing plugin module ipaserver.plugins.service
ipa : DEBUG importing plugin module ipaserver.plugins.servicedelegation
ipa : DEBUG importing plugin module ipaserver.plugins.session
ipa : DEBUG importing plugin module ipaserver.plugins.stageuser
ipa : DEBUG importing plugin module ipaserver.plugins.sudo
ipa : DEBUG ipaserver.plugins.sudo is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.sudocmd
ipa : DEBUG importing plugin module ipaserver.plugins.sudocmdgroup
ipa : DEBUG importing plugin module ipaserver.plugins.sudorule
ipa : DEBUG importing plugin module ipaserver.plugins.topology
ipa : DEBUG importing plugin module ipaserver.plugins.trust
ipa : DEBUG importing plugin module ipaserver.plugins.user
ipa : DEBUG importing plugin module ipaserver.plugins.vault
ipa : DEBUG importing plugin module ipaserver.plugins.virtual
ipa : DEBUG ipaserver.plugins.virtual is not a valid plugin module
ipa : DEBUG importing plugin module ipaserver.plugins.whoami
ipa : DEBUG importing plugin module ipaserver.plugins.xmlserver
ipa : DEBUG importing all plugin modules in ipaserver.install.plugins...
ipa : DEBUG importing plugin module ipaserver.install.plugins.adtrust
ipa : DEBUG importing plugin module ipaserver.install.plugins.ca_renewal_master
ipa : DEBUG importing plugin module ipaserver.install.plugins.dns
ipa : DEBUG importing plugin module ipaserver.install.plugins.fix_replica_agreements
ipa : DEBUG importing plugin module ipaserver.install.plugins.rename_managed
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_ca_topology
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_dna_shared_config
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_fix_duplicate_cacrt_in_ldap
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_idranges
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_ldap_server_list
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_managed_permissions
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_nis
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_pacs
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_passsync
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_ra_cert_store
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_referint
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_services
ipa : DEBUG importing plugin module ipaserver.install.plugins.update_uniqueness
ipa : DEBUG importing plugin module ipaserver.install.plugins.upload_cacrt
ipa.ipalib.rpc.jsonclient: DEBUG Error retrieving cookie from the persistent storage: expected string or buffer
ipa.ipalib.rpc.jsonclient: DEBUG failed to find session_cookie in persistent storage for principal 'host/ctipa.h2.int.pdp7.net@IPA.PDP7.NET'
ipa.ipalib.rpc.jsonclient: INFO trying https://ovh1.pdp7.net/ipa/json
ipa.ipalib.rpc.jsonclient: DEBUG Created connection context.jsonclient_124107152
ipa.ipalib.rpc.jsonclient: INFO [try 1]: Forwarding 'env' to json server 'https://ovh1.pdp7.net/ipa/json'
ipa : DEBUG New HTTP connection (ovh1.pdp7.net)
ipa : DEBUG received Set-Cookie (<type 'list'>)'['ipa_session=MagBearerToken=zrOij3%2bXWWhI8BgceWj00pDxtJ3o8sOs0nMr%2bRw5E6xu7x%2bujp7TpqO9pI1ymmdSRVq0nHcA6Q6HMMwCeoGJaDs8t9Mu1gGY6ZlU1Omy5ir5FCXcxsFLquEW0n3c3fXA3q0RxghzV8cLS%2bUWejPVB5gpRbzZtnn%2fVhTPPmI1yvlOCmeZl8gqlLzbPIqHgOPfEgo7A5a5Q7bZH7GEpCgpkbIKt982XsnSvodmu127RpbW5wdfnBdqoBVUHSDLTxRnOsnk%2fU6uC%2fB%2fsb7bf4QvbA%3d%3d;path=/ipa;httponly;secure;']'
ipa : DEBUG storing cookie 'ipa_session=MagBearerToken=zrOij3%2bXWWhI8BgceWj00pDxtJ3o8sOs0nMr%2bRw5E6xu7x%2bujp7TpqO9pI1ymmdSRVq0nHcA6Q6HMMwCeoGJaDs8t9Mu1gGY6ZlU1Omy5ir5FCXcxsFLquEW0n3c3fXA3q0RxghzV8cLS%2bUWejPVB5gpRbzZtnn%2fVhTPPmI1yvlOCmeZl8gqlLzbPIqHgOPfEgo7A5a5Q7bZH7GEpCgpkbIKt982XsnSvodmu127RpbW5wdfnBdqoBVUHSDLTxRnOsnk%2fU6uC%2fB%2fsb7bf4QvbA%3d%3d;' for principal host/ctipa.h2.int.pdp7.net@IPA.PDP7.NET
ipa.ipalib.rpc.jsonclient: INFO [try 1]: Forwarding 'env' to json server 'https://ovh1.pdp7.net/ipa/json'
ipa : DEBUG HTTP connection keep-alive (ovh1.pdp7.net)
ipa : DEBUG received Set-Cookie (<type 'list'>)'['ipa_session=MagBearerToken=KAseIakMeymPhcmwzYyj9dU3%2fSgXma%2bjlrUeb3ciVxhCFkURlpGS%2bG6VOyxHVu8%2bKVianIuwEggS2xKamYJkyDGxWQFqMKDoNFMwFCgDldAj%2fKmixISfN2BzlTJ33l7AGUL8aWvHoUA4AK4n7xp9eszYz5RPo3F3DTojoydOhTTQIgPHs5Xv89ob4x3dDitq2wQ8IfbxoT2KT8q9mat1wiZ%2fGxg%2fUpc6iVXsbt4oa8MMx94RpoxGV9ed8Ih1cI3K4WmQZebh4yCo13DNo%2b%2bW1Q%3d%3d;path=/ipa;httponly;secure;']'
ipa : DEBUG storing cookie 'ipa_session=MagBearerToken=KAseIakMeymPhcmwzYyj9dU3%2fSgXma%2bjlrUeb3ciVxhCFkURlpGS%2bG6VOyxHVu8%2bKVianIuwEggS2xKamYJkyDGxWQFqMKDoNFMwFCgDldAj%2fKmixISfN2BzlTJ33l7AGUL8aWvHoUA4AK4n7xp9eszYz5RPo3F3DTojoydOhTTQIgPHs5Xv89ob4x3dDitq2wQ8IfbxoT2KT8q9mat1wiZ%2fGxg%2fUpc6iVXsbt4oa8MMx94RpoxGV9ed8Ih1cI3K4WmQZebh4yCo13DNo%2b%2bW1Q%3d%3d;' for principal host/ctipa.h2.int.pdp7.net@IPA.PDP7.NET
ipa.ipalib.rpc.jsonclient: DEBUG Destroyed connection context.jsonclient_124107152
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_94225936
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ovh1.pdp7.net from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ovh1.pdp7.net conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7659a28>
ipa.ipaserver.plugins.domainlevel.domainlevel_get: DEBUG raw: domainlevel_get(version=u'2.228')
ipa.ipaserver.plugins.domainlevel.domainlevel_get: DEBUG domainlevel_get(version=u'2.228')
ipa.ipaserver.plugins.hostgroup.hostgroup_find: DEBUG raw: hostgroup_find(None, cn=u'ipaservers', version=u'2.228', host=[u'ctipa.h2.int.pdp7.net'])
ipa.ipaserver.plugins.hostgroup.hostgroup_find: DEBUG hostgroup_find(None, cn=u'ipaservers', all=False, raw=False, version=u'2.228', no_members=True, pkey_only=False, host=(u'ctipa.h2.int.pdp7.net',))
ipa : DEBUG KRB5CCNAME set to None
ipa : DEBUG Failed to find default ccache: Major (851968): Unspecified GSS failure. Minor code may provide more information, Minor (2529639053): No Kerberos credentials available (default cache: KEYRING:persistent:0)
ipa : DEBUG Initializing principal alex@IPA.PDP7.NET using password
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/kinit alex@IPA.PDP7.NET -c /tmp/tmp4SNQ_Z
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=Password for alex@IPA.PDP7.NET:
ipa : DEBUG stderr=
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_94225936
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_94225936
ipa.ipaserver.plugins.hostgroup.hostgroup_show: DEBUG raw: hostgroup_show(u'ipaservers', rights=True, all=True, version=u'2.228')
ipa.ipaserver.plugins.hostgroup.hostgroup_show: DEBUG hostgroup_show(u'ipaservers', rights=True, all=True, raw=False, version=u'2.228', no_members=False)
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ovh1.pdp7.net from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ovh1.pdp7.net conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7659b00>
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_94225936
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_94225936
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ovh1.pdp7.net from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ovh1.pdp7.net conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7659a28>
ipa : DEBUG Check forward/reverse DNS resolution
ipa : DEBUG Search DNS server ovh1.pdp7.net (['213.32.20.171', '213.32.20.171', '213.32.20.171']) for ovh1.pdp7.net
ipa : DEBUG Check reverse address 213.32.20.171 (ovh1.pdp7.net)
ipa : DEBUG Address 213.32.20.171 resolves to: ovh1.pdp7.net..
ipa : DEBUG Search DNS server ovh1.pdp7.net (['213.32.20.171', '213.32.20.171', '213.32.20.171']) for ctipa.h2.int.pdp7.net
ipa : DEBUG Check reverse address 10.42.42.73 (ctipa.h2.int.pdp7.net)
ipa : DEBUG Address 10.42.42.73 resolves to: ctipa.h2.int.pdp7.net..
ipa : DEBUG Name ctipa.h2.int.pdp7.net resolved to set([UnsafeIPAddress('10.42.42.73')])
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_94225936
Run connection check to master
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/ipa-replica-conncheck --master ovh1.pdp7.net --auto-master-check --realm IPA.PDP7.NET --hostname ctipa.h2.int.pdp7.net --principal alex --password XXXXXXXX --ca-cert-file /etc/ipa/ca.crt
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Check connection from replica to remote master 'ovh1.pdp7.net':
Directory Service: Unsecure port (389): OK
Directory Service: Secure port (636): OK
Kerberos KDC: TCP (88): OK
Kerberos Kpasswd: TCP (464): OK
HTTP Server: Unsecure port (80): OK
HTTP Server: Secure port (443): OK
The following list of ports use UDP protocoland would need to be
checked manually:
Kerberos KDC: UDP (88): SKIPPED
Kerberos Kpasswd: UDP (464): SKIPPED
Connection from replica to master is OK.
Start listening on required ports for remote master check
Get credentials to log in to remote master
Check RPC connection to remote master
trying https://ovh1.pdp7.net/ipa/json
[try 1]: Forwarding 'ping/1' to json server 'https://ovh1.pdp7.net/ipa/json'
Execute check on remote master
[try 1]: Forwarding 'server_conncheck' to json server 'https://ovh1.pdp7.net/ipa/json'
Check connection from master to remote replica 'ctipa.h2.int.pdp7.net':
Directory Service: Unsecure port (389): OK
Directory Service: Secure port (636): OK
Kerberos KDC: TCP (88): OK
Kerberos KDC: UDP (88): OK
Kerberos Kpasswd: TCP (464): OK
Kerberos Kpasswd: UDP (464): OK
HTTP Server: Unsecure port (80): OK
HTTP Server: Secure port (443): OK
Connection from master to replica is OK.
Connection check OK
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_94225936
ipa.ipaserver.plugins.hostgroup.hostgroup_add_member: DEBUG raw: hostgroup_add_member(u'ipaservers', version=u'2.228', host=[u'ctipa.h2.int.pdp7.net'])
ipa.ipaserver.plugins.hostgroup.hostgroup_add_member: DEBUG hostgroup_add_member(u'ipaservers', all=False, raw=False, version=u'2.228', no_members=False, host=(u'ctipa.h2.int.pdp7.net',))
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG add_entry_to_group: dn=fqdn=ctipa.h2.int.pdp7.net,cn=computers,cn=accounts,dc=ipa,dc=pdp7,dc=net group_dn=cn=ipaservers,cn=hostgroups,cn=accounts,dc=ipa,dc=pdp7,dc=net member_attr=member
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ovh1.pdp7.net from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ovh1.pdp7.net conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x80d42d8>
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_94225936
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start messagebus.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active messagebus.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl enable certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Created symlink from /etc/systemd/system/multi-user.target.wants/certmonger.service to /usr/lib/systemd/system/certmonger.service.
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled chronyd.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=Failed to get unit file state for chronyd.service: No such file or directory
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active chronyd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Configuring NTP daemon (ntpd)
Configuring NTP daemon (ntpd)
ipa : DEBUG [1/4]: stopping ntpd
[1/4]: stopping ntpd
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active ntpd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl stop ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [2/4]: writing configuration
[2/4]: writing configuration
ipa : DEBUG Backing up system configuration file '/etc/ntp.conf'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/ntpd'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [3/4]: configuring ntpd to start on boot
[3/4]: configuring ntpd to start on boot
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled ntpd.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=disabled
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl enable ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [4/4]: starting ntpd
[4/4]: starting ntpd
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG Done configuring NTP daemon (ntpd).
Done configuring NTP daemon (ntpd).
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_94225936
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ovh1.pdp7.net from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ovh1.pdp7.net conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x69c7368>
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Configuring directory server (dirsrv). Estimated time: 30 seconds
Configuring directory server (dirsrv). Estimated time: 30 seconds
ipa : DEBUG [1/40]: creating directory server instance
[1/40]: creating directory server instance
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG
dn: dc=ipa,dc=pdp7,dc=net
objectClass: top
objectClass: domain
objectClass: pilotObject
dc: ipa
info: IPA V2.0
ipa : DEBUG writing inf template
ipa : DEBUG
[General]
FullMachineName= ctipa.h2.int.pdp7.net
SuiteSpotUserID= dirsrv
SuiteSpotGroup= dirsrv
ServerRoot= /usr/lib64/dirsrv
[slapd]
ServerPort= 389
ServerIdentifier= IPA-PDP7-NET
Suffix= dc=ipa,dc=pdp7,dc=net
RootDN= cn=Directory Manager
InstallLdifFile= /var/lib/dirsrv/boot.ldif
inst_dir= /var/lib/dirsrv/scripts-IPA-PDP7-NET
ipa : DEBUG calling setup-ds.pl
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmp9WwitR
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=[18/01/09:20:21:57] - [Setup] Info Your new DS instance 'IPA-PDP7-NET' was successfully created.
Your new DS instance 'IPA-PDP7-NET' was successfully created.
[18/01/09:20:21:57] - [Setup] Success Exiting . . .
Log file is '-'
Exiting . . .
Log file is '-'
ipa : DEBUG stderr=
ipa : DEBUG completed creating DS instance
ipa : DEBUG duration: 2 seconds
ipa : DEBUG [2/40]: enabling ldapi
[2/40]: enabling ldapi
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpQEYOxH -H ldap://localhost -x -D cn=Directory Manager -y /tmp/tmpwEoI1g
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-ldapilisten:
on
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://localhost:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [3/40]: configure autobind for root
[3/40]: configure autobind for root
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/root-autobind.ldif -H ldap://localhost -x -D cn=Directory Manager -y /tmp/tmpSvd77s
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
extensibleObject
top
add cn:
root-autobind
add uidNumber:
0
add gidNumber:
0
adding new entry "cn=root-autobind,cn=config"
modify complete
replace nsslapd-ldapiautobind:
on
modifying entry "cn=config"
modify complete
replace nsslapd-ldapimaptoentries:
on
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://localhost:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [4/40]: stopping directory server
[4/40]: stopping directory server
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl stop dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 4 seconds
ipa : DEBUG [5/40]: updating configuration in dse.ldif
[5/40]: updating configuration in dse.ldif
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [6/40]: starting directory server
[6/40]: starting directory server
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa : DEBUG waiting for port: 389
ipa : DEBUG SUCCESS: port: 389
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_60698448
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [7/40]: adding default schema
[7/40]: adding default schema
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [8/40]: enabling memberof plugin
[8/40]: enabling memberof plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/memberof-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-pluginenabled:
on
add memberofgroupattr:
memberUser
add memberofgroupattr:
memberHost
modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [9/40]: enabling winsync plugin
[9/40]: enabling winsync plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-winsync-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipa-winsync
add nsslapd-pluginpath:
libipa_winsync
add nsslapd-plugininitfunc:
ipa_winsync_plugin_init
add nsslapd-pluginDescription:
Allows IPA to work with the DS windows sync feature
add nsslapd-pluginid:
ipa-winsync
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat
add nsslapd-plugintype:
preoperation
add nsslapd-pluginenabled:
on
add nsslapd-plugin-depends-on-type:
database
add ipaWinSyncRealmFilter:
(objectclass=krbRealmContainer)
add ipaWinSyncRealmAttr:
cn
add ipaWinSyncNewEntryFilter:
(cn=ipaConfig)
add ipaWinSyncNewUserOCAttr:
ipauserobjectclasses
add ipaWinSyncUserFlatten:
true
add ipaWinsyncHomeDirAttr:
ipaHomesRootDir
add ipaWinsyncLoginShellAttr:
ipaDefaultLoginShell
add ipaWinSyncDefaultGroupAttr:
ipaDefaultPrimaryGroup
add ipaWinSyncDefaultGroupFilter:
(gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames)
add ipaWinSyncAcctDisable:
both
add ipaWinSyncForceSync:
true
add ipaWinSyncUserAttr:
uidNumber -1
gidNumber -1
adding new entry "cn=ipa-winsync,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [10/40]: configuring replication version plugin
[10/40]: configuring replication version plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/version-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA Version Replication
add nsslapd-pluginpath:
libipa_repl_version
add nsslapd-plugininitfunc:
repl_version_plugin_init
add nsslapd-plugintype:
preoperation
add nsslapd-pluginenabled:
off
add nsslapd-pluginid:
ipa_repl_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA Replication version plugin
add nsslapd-plugin-depends-on-type:
database
add nsslapd-plugin-depends-on-named:
Multimaster Replication Plugin
adding new entry "cn=IPA Version Replication,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [11/40]: enabling IPA enrollment plugin
[11/40]: enabling IPA enrollment plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpCBKd6v -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipa_enrollment_extop
add nsslapd-pluginpath:
libipa_enrollment_extop
add nsslapd-plugininitfunc:
ipaenrollment_init
add nsslapd-plugintype:
extendedop
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_enrollment_extop
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
RedHat
add nsslapd-plugindescription:
Enroll hosts into the IPA domain
add nsslapd-plugin-depends-on-type:
database
add nsslapd-realmTree:
dc=ipa,dc=pdp7,dc=net
adding new entry "cn=ipa_enrollment_extop,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [12/40]: configuring uniqueness plugin
[12/40]: configuring uniqueness plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp73EDwc -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
krbPrincipalName uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add uniqueness-attribute-name:
krbPrincipalName
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
add uniqueness-subtrees:
dc=ipa,dc=pdp7,dc=net
add uniqueness-exclude-subtrees:
cn=staged users,cn=accounts,cn=provisioning,dc=ipa,dc=pdp7,dc=net
add uniqueness-across-all-subtrees:
on
adding new entry "cn=krbPrincipalName uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
krbCanonicalName uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add uniqueness-attribute-name:
krbCanonicalName
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
add uniqueness-subtrees:
dc=ipa,dc=pdp7,dc=net
add uniqueness-exclude-subtrees:
cn=staged users,cn=accounts,cn=provisioning,dc=ipa,dc=pdp7,dc=net
add uniqueness-across-all-subtrees:
on
adding new entry "cn=krbCanonicalName uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
netgroup uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add uniqueness-attribute-name:
cn
add uniqueness-subtrees:
cn=ng,cn=alt,dc=ipa,dc=pdp7,dc=net
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
adding new entry "cn=netgroup uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipaUniqueID uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add uniqueness-attribute-name:
ipaUniqueID
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
add uniqueness-subtrees:
dc=ipa,dc=pdp7,dc=net
add uniqueness-exclude-subtrees:
cn=staged users,cn=accounts,cn=provisioning,dc=ipa,dc=pdp7,dc=net
add uniqueness-across-all-subtrees:
on
adding new entry "cn=ipaUniqueID uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
sudorule name uniqueness
add nsslapd-pluginDescription:
Enforce unique attribute values
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add uniqueness-attribute-name:
cn
add uniqueness-subtrees:
cn=sudorules,cn=sudo,dc=ipa,dc=pdp7,dc=net
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
adding new entry "cn=sudorule name uniqueness,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [13/40]: configuring uuid plugin
[13/40]: configuring uuid plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/uuid-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA UUID
add nsslapd-pluginpath:
libipa_uuid
add nsslapd-plugininitfunc:
ipauuid_init
add nsslapd-plugintype:
preoperation
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipauuid_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA UUID plugin
add nsslapd-plugin-depends-on-type:
database
adding new entry "cn=IPA UUID,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpbDwDzx -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
extensibleObject
add cn:
IPA Unique IDs
add ipaUuidAttr:
ipaUniqueID
add ipaUuidMagicRegen:
autogenerate
add ipaUuidFilter:
(|(objectclass=ipaObject)(objectclass=ipaAssociation))
add ipaUuidScope:
dc=ipa,dc=pdp7,dc=net
add ipaUuidEnforce:
TRUE
adding new entry "cn=IPA Unique IDs,cn=IPA UUID,cn=plugins,cn=config"
modify complete
add objectclass:
top
extensibleObject
add cn:
IPK11 Unique IDs
add ipaUuidAttr:
ipk11UniqueID
add ipaUuidMagicRegen:
autogenerate
add ipaUuidFilter:
(objectclass=ipk11Object)
add ipaUuidScope:
dc=ipa,dc=pdp7,dc=net
add ipaUuidEnforce:
FALSE
adding new entry "cn=IPK11 Unique IDs,cn=IPA UUID,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [14/40]: configuring modrdn plugin
[14/40]: configuring modrdn plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/modrdn-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA MODRDN
add nsslapd-pluginpath:
libipa_modrdn
add nsslapd-plugininitfunc:
ipamodrdn_init
add nsslapd-plugintype:
betxnpostoperation
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipamodrdn_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA MODRDN plugin
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginPrecedence:
60
adding new entry "cn=IPA MODRDN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpL3t5l5 -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
extensibleObject
add cn:
Kerberos Principal Name
add ipaModRDNsourceAttr:
uid
add ipaModRDNtargetAttr:
krbPrincipalName
add ipaModRDNsuffix:
@IPA.PDP7.NET
add ipaModRDNfilter:
(&(objectclass=posixaccount)(objectclass=krbPrincipalAux))
add ipaModRDNscope:
dc=ipa,dc=pdp7,dc=net
adding new entry "cn=Kerberos Principal Name,cn=IPA MODRDN,cn=plugins,cn=config"
modify complete
add objectclass:
top
extensibleObject
add cn:
Kerberos Canonical Name
add ipaModRDNsourceAttr:
uid
add ipaModRDNtargetAttr:
krbCanonicalName
add ipaModRDNsuffix:
@IPA.PDP7.NET
add ipaModRDNfilter:
(&(objectclass=posixaccount)(objectclass=krbPrincipalAux))
add ipaModRDNscope:
dc=ipa,dc=pdp7,dc=net
adding new entry "cn=Kerberos Canonical Name,cn=IPA MODRDN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [15/40]: configuring DNS plugin
[15/40]: configuring DNS plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-dns-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsslapdPlugin
extensibleObject
add cn:
IPA DNS
add nsslapd-plugindescription:
IPA DNS support plugin
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_dns
add nsslapd-plugininitfunc:
ipadns_init
add nsslapd-pluginpath:
libipa_dns.so
add nsslapd-plugintype:
preoperation
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-pluginversion:
1.0
add nsslapd-plugin-depends-on-type:
database
adding new entry "cn=IPA DNS,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [16/40]: enabling entryUSN plugin
[16/40]: enabling entryUSN plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/entryusn.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-entryusn-global:
on
modifying entry "cn=config"
modify complete
replace nsslapd-entryusn-import-initval:
next
modifying entry "cn=config"
modify complete
replace nsslapd-pluginenabled:
on
modifying entry "cn=USN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [17/40]: configuring lockout plugin
[17/40]: configuring lockout plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/lockout-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA Lockout
add nsslapd-pluginpath:
libipa_lockout
add nsslapd-plugininitfunc:
ipalockout_init
add nsslapd-plugintype:
object
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipalockout_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA Lockout plugin
add nsslapd-plugin-depends-on-type:
database
adding new entry "cn=IPA Lockout,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [18/40]: configuring topology plugin
[18/40]: configuring topology plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp2RPheD -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA Topology Configuration
add nsslapd-pluginPath:
libtopology
add nsslapd-pluginInitfunc:
ipa_topo_init
add nsslapd-pluginType:
object
add nsslapd-pluginEnabled:
on
add nsslapd-topo-plugin-shared-config-base:
cn=ipa,cn=etc,dc=ipa,dc=pdp7,dc=net
add nsslapd-topo-plugin-shared-replica-root:
dc=ipa,dc=pdp7,dc=net
o=ipaca
add nsslapd-topo-plugin-shared-binddngroup:
cn=replication managers,cn=sysaccounts,cn=etc,dc=ipa,dc=pdp7,dc=net
add nsslapd-topo-plugin-startup-delay:
20
add nsslapd-pluginId:
none
add nsslapd-plugin-depends-on-named:
ldbm database
Multimaster Replication Plugin
add nsslapd-pluginVersion:
1.0
add nsslapd-pluginVendor:
none
add nsslapd-pluginDescription:
none
adding new entry "cn=IPA Topology Configuration,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [19/40]: creating indices
[19/40]: creating indices
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/indices.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
top
nsIndex
add cn:
krbPrincipalName
add nsSystemIndex:
false
add nsIndexType:
eq
sub
add nsMatchingRule:
caseIgnoreIA5Match
caseExactIA5Match
adding new entry "cn=krbPrincipalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
ou
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=ou,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
carLicense
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=carLicense,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
title
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=title,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
manager
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=manager,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
secretary
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=secretary,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
displayname
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=displayname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add nsIndexType:
sub
modifying entry "cn=uid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
uidnumber
add nsSystemIndex:
false
add nsIndexType:
eq
add nsMatchingRule:
integerOrderingMatch
adding new entry "cn=uidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
gidnumber
add nsSystemIndex:
false
add nsIndexType:
eq
add nsMatchingRule:
integerOrderingMatch
adding new entry "cn=gidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
replace nsIndexType:
eq
pres
modifying entry "cn=ntUniqueId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
replace nsIndexType:
eq
pres
modifying entry "cn=ntUserDomainId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add ObjectClass:
top
nsIndex
add cn:
fqdn
add nsSystemIndex:
false
add nsIndexType:
eq
pres
adding new entry "cn=fqdn,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add ObjectClass:
top
nsIndex
add cn:
macAddress
add nsSystemIndex:
false
add nsIndexType:
eq
pres
adding new entry "cn=macAddress,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberHost
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberHost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberUser
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberUser,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
sourcehost
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=sourcehost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberservice
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberservice,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
managedby
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=managedby,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberallowcmd
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberallowcmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberdenycmd
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberdenycmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipasudorunas
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=ipasudorunas,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipasudorunasgroup
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=ipasudorunasgroup,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
automountkey
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
adding new entry "cn=automountkey,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipakrbprincipalalias
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
adding new entry "cn=ipakrbprincipalalias,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipauniqueid
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
adding new entry "cn=ipauniqueid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipaMemberCa
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=ipaMemberCa,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipaMemberCertProfile
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=ipaMemberCertProfile,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
userCertificate
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
adding new entry "cn=userCertificate,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipalocation
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
adding new entry "cn=ipalocation,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
krbCanonicalName
add objectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=krbCanonicalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [20/40]: enabling referential integrity plugin
[20/40]: enabling referential integrity plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/referint-conf.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-pluginenabled:
on
modifying entry "cn=referential integrity postoperation,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [21/40]: configuring certmap.conf
[21/40]: configuring certmap.conf
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [22/40]: configure new location for managed entries
[22/40]: configure new location for managed entries
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpY6tWAw -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add nsslapd-pluginConfigArea:
cn=Definitions,cn=Managed Entries,cn=etc,dc=ipa,dc=pdp7,dc=net
modifying entry "cn=Managed Entries,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [23/40]: configure dirsrv ccache
[23/40]: configure dirsrv ccache
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [24/40]: enabling SASL mapping fallback
[24/40]: enabling SASL mapping fallback
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpzgFXqy -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-sasl-mapping-fallback:
on
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [25/40]: restarting directory server
[25/40]: restarting directory server
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_60698448
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa : DEBUG waiting for port: 389
ipa : DEBUG SUCCESS: port: 389
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_60698448
ipa : DEBUG duration: 4 seconds
ipa : DEBUG [26/40]: creating DS keytab
[26/40]: creating DS keytab
ipa.ipaserver.plugins.service.service_add: DEBUG raw: service_add(u'ldap/ctipa.h2.int.pdp7.net@IPA.PDP7.NET', force=True, version=u'2.228')
ipa.ipaserver.plugins.service.service_add: DEBUG service_add(ipapython.kerberos.Principal('ldap/ctipa.h2.int.pdp7.net@IPA.PDP7.NET'), force=True, all=False, raw=False, version=u'2.228', no_members=False)
ipa.ipaserver.plugins.host.host_show: DEBUG raw: host_show(u'ctipa.h2.int.pdp7.net', version=u'2.228')
ipa.ipaserver.plugins.host.host_show: DEBUG host_show(u'ctipa.h2.int.pdp7.net', rights=False, all=False, raw=False, version=u'2.228', no_members=False)
ipa : DEBUG Backing up system configuration file '/etc/dirsrv/ds.keytab'
ipa : DEBUG -> Not backing up - '/etc/dirsrv/ds.keytab' doesn't exist
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/ipa-getkeytab -k /etc/dirsrv/ds.keytab -p ldap/ctipa.h2.int.pdp7.net@IPA.PDP7.NET -H ldaps://ovh1.pdp7.net
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Keytab successfully retrieved and stored in: /etc/dirsrv/ds.keytab
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [27/40]: setting up initial replication
[27/40]: setting up initial replication
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-IPA-PDP7-NET.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x80d5fc8>
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_60698448
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_60698448
ipa : DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5]
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldap://ovh1.pdp7.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x80c3248>
ipa : DEBUG Successfully updated nsDS5ReplicaId.
Starting replication, please wait until this has completed.
Update in progress, 6 seconds elapsed
Update succeeded
ipa : DEBUG duration: 12 seconds
ipa : DEBUG [28/40]: adding sasl mappings to the directory
[28/40]: adding sasl mappings to the directory
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x80f7518>
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [29/40]: updating schema
[29/40]: updating schema
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/schema-update.ldif -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClasses:
( 2.16.840.1.113730.3.2.41 NAME 'nsslapdPlugin' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsslapd-pluginPath $ nsslapd-pluginInitFunc $ nsslapd-pluginType $ nsslapd-pluginId $ nsslapd-pluginVersion $ nsslapd-pluginVendor $ nsslapd-pluginDescription $ nsslapd-pluginEnabled ) MAY ( nsslapd-pluginConfigArea $ nsslapd-plugin-depends-on-type ) X-ORIGIN 'Netscape Directory Server' )
( 2.16.840.1.113730.3.2.317 NAME 'nsSaslMapping' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsSaslMapRegexString $ nsSaslMapBaseDNTemplate $ nsSaslMapFilterTemplate ) MAY ( nsSaslMapPriority ) X-ORIGIN 'Netscape Directory Server' )
modifying entry "cn=schema"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [30/40]: setting Auto Member configuration
[30/40]: setting Auto Member configuration
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp1RnBlQ -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add nsslapd-pluginConfigArea:
cn=automember,cn=etc,dc=ipa,dc=pdp7,dc=net
modifying entry "cn=Auto Membership Plugin,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [31/40]: enabling S4U2Proxy delegation
[31/40]: enabling S4U2Proxy delegation
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [32/40]: initializing group membership
[32/40]: initializing group membership
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [33/40]: adding master entry
[33/40]: adding master entry
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpH34RsK -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsContainer
ipaReplTopoManagedServer
ipaConfigObject
ipaSupportedDomainLevelConfig
add cn:
ctipa.h2.int.pdp7.net
add ipaReplTopoManagedSuffix:
dc=ipa,dc=pdp7,dc=net
add ipaMinDomainLevel:
0
add ipaMaxDomainLevel:
1
adding new entry "cn=ctipa.h2.int.pdp7.net,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=pdp7,dc=net"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [34/40]: initializing domain level
[34/40]: initializing domain level
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [35/40]: configuring Posix uid/gid generation
[35/40]: configuring Posix uid/gid generation
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpTHCwRY -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
extensibleObject
add cn:
Posix IDs
add dnaType:
uidNumber
gidNumber
add dnaNextValue:
1101
add dnaMaxValue:
1100
add dnaMagicRegen:
-1
add dnaFilter:
(|(objectClass=posixAccount)(objectClass=posixGroup)(objectClass=ipaIDobject))
add dnaScope:
dc=ipa,dc=pdp7,dc=net
add dnaThreshold:
500
add dnaSharedCfgDN:
cn=posix-ids,cn=dna,cn=ipa,cn=etc,dc=ipa,dc=pdp7,dc=net
add dnaExcludeScope:
cn=provisioning,dc=ipa,dc=pdp7,dc=net
adding new entry "cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config"
modify complete
replace nsslapd-pluginEnabled:
on
modifying entry "cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [36/40]: adding replication acis
[36/40]: adding replication acis
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpHFc3vI -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add aci:
(targetattr = "cn || createtimestamp || description || entryusn || modifytimestamp || nsds50ruv || nsds5beginreplicarefresh || nsds5debugreplicatimeout || nsds5flags || nsds5replicaabortcleanruv || nsds5replicaautoreferral || nsds5replicabackoffmax || nsds5replicabackoffmin || nsds5replicabinddn || nsds5replicabindmethod || nsds5replicabusywaittime || nsds5replicachangecount || nsds5replicachangessentsincestartup || nsds5replicacleanruv || nsds5replicacleanruvnotified || nsds5replicacredentials || nsds5replicaenabled || nsds5replicahost || nsds5replicaid || nsds5replicalastinitend || nsds5replicalastinitstart || nsds5replicalastinitstatus || nsds5replicalastupdateend || nsds5replicalastupdatestart || nsds5replicalastupdatestatus || nsds5replicalegacyconsumer || nsds5replicaname || nsds5replicaport || nsds5replicaprotocoltimeout || nsds5replicapurgedelay || nsds5replicareferral || nsds5replicaroot || nsds5replicasessionpausetime || nsds5replicastripattrs || nsds5replicatedattributelist || nsds5replicatedattributelisttotal || nsds5replicatimeout || nsds5replicatombstonepurgeinterval || nsds5replicatransportinfo || nsds5replicatype || nsds5replicaupdateinprogress || nsds5replicaupdateschedule || nsds5task || nsds7directoryreplicasubtree || nsds7dirsynccookie || nsds7newwingroupsyncenabled || nsds7newwinusersyncenabled || nsds7windowsdomain || nsds7windowsreplicasubtree || nsruvreplicalastmodified || nsstate || objectclass || onewaysync || winsyncdirectoryfilter || winsyncinterval || winsyncmoveaction || winsyncsubtreepair || winsyncwindowsfilter")(targetfilter = "(|(objectclass=nsds5Replica)(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement)(objectClass=nsMappingTree))")(version 3.0;acl "permission:Read Replication Agreements";allow (compare,read,search) groupdn = "ldap:///cn=Read Replication Agreements,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=mapping tree,cn=config"
modify complete
add aci:
(targetattr=*)(version 3.0;acl "permission:Add Replication Agreements";allow (add) groupdn = "ldap:///cn=Add Replication Agreements,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=mapping tree,cn=config"
modify complete
add aci:
(targetattr=*)(targetfilter="(|(objectclass=nsds5Replica)(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement)(objectClass=nsMappingTree))")(version 3.0; acl "permission:Modify Replication Agreements"; allow (read, write, search) groupdn = "ldap:///cn=Modify Replication Agreements,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=mapping tree,cn=config"
modify complete
add aci:
(targetattr=*)(targetfilter="(|(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0;acl "permission:Remove Replication Agreements";allow (delete) groupdn = "ldap:///cn=Remove Replication Agreements,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=mapping tree,cn=config"
modify complete
add aci:
(targetattr=dnaNextRange || dnaNextValue || dnaMaxValue)(version 3.0;acl "permission:Modify DNA Range";allow (write) groupdn = "ldap:///cn=Modify DNA Range,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config"
modify complete
add aci:
(targetattr=nsslapd-readonly)(version 3.0; acl "Allow marking the database readonly"; allow (write) groupdn = "ldap:///cn=Remove Replication Agreements,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add aci:
(targetattr=*)(version 3.0; acl "Run tasks after replica re-initialization"; allow (add) groupdn = "ldap:///cn=Modify Replication Agreements,cn=permissions,cn=pbac,dc=ipa,dc=pdp7,dc=net";)
modifying entry "cn=tasks,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [37/40]: activating sidgen plugin
[37/40]: activating sidgen plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpTSHuzF -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA SIDGEN
add nsslapd-pluginpath:
libipa_sidgen
add nsslapd-plugininitfunc:
ipa_sidgen_init
add nsslapd-plugintype:
postoperation
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_sidgen_postop
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA SIDGEN post operation
add nsslapd-plugin-depends-on-type:
database
add nsslapd-basedn:
dc=ipa,dc=pdp7,dc=net
adding new entry "cn=IPA SIDGEN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [38/40]: activating extdom plugin
[38/40]: activating extdom plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp7nIzfB -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipa_extdom_extop
add nsslapd-pluginpath:
libipa_extdom_extop
add nsslapd-plugininitfunc:
ipa_extdom_init
add nsslapd-plugintype:
extendedop
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_extdom_extop
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
RedHat
add nsslapd-plugindescription:
Support resolving IDs in trusted domains to names and back
add nsslapd-plugin-depends-on-type:
database
add nsslapd-basedn:
dc=ipa,dc=pdp7,dc=net
adding new entry "cn=ipa_extdom_extop,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [39/40]: tuning directory server
[39/40]: tuning directory server
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_60698448
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa : DEBUG waiting for port: 389
ipa : DEBUG SUCCESS: port: 389
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_60698448
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp0V8NMs -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-maxdescriptors:
8192
replace nsslapd-reservedescriptors:
64
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 6 seconds
ipa : DEBUG [40/40]: configuring directory to start on boot
[40/40]: configuring directory to start on boot
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=enabled
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl disable dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Removed symlink /etc/systemd/system/dirsrv.target.wants/dirsrv@IPA-PDP7-NET.service.
ipa : DEBUG duration: 0 seconds
ipa : DEBUG Done configuring directory server (dirsrv).
Done configuring directory server (dirsrv).
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x80f7518>
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG raw: dnszone_show(u'73.42.42.10.in-addr.arpa.', version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG dnszone_show(<DNS name 73.42.42.10.in-addr.arpa.>, rights=False, all=False, raw=False, version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG raw: dnszone_show(u'42.42.10.in-addr.arpa.', version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG dnszone_show(<DNS name 42.42.10.in-addr.arpa.>, rights=False, all=False, raw=False, version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG raw: dnszone_show(u'42.10.in-addr.arpa.', version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG dnszone_show(<DNS name 42.10.in-addr.arpa.>, rights=False, all=False, raw=False, version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG raw: dnszone_show(u'10.in-addr.arpa.', version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG dnszone_show(<DNS name 10.in-addr.arpa.>, rights=False, all=False, raw=False, version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG raw: dnszone_show(u'in-addr.arpa.', version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG dnszone_show(<DNS name in-addr.arpa.>, rights=False, all=False, raw=False, version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG raw: dnszone_show(u'arpa.', version=u'2.228')
ipa.ipaserver.plugins.dns.dnszone_show: DEBUG dnszone_show(<DNS name arpa.>, rights=False, all=False, raw=False, version=u'2.228')
ipa.ipaserver.plugins.dns.dnsrecord_add: DEBUG raw: dnsrecord_add(u'h2.int.pdp7.net', u'ctipa', arecord=u'1', version=u'2.228')
ipa.ipaserver.plugins.dns.dnsrecord_add: DEBUG dnsrecord_add(<DNS name h2.int.pdp7.net.>, <DNS name ctipa>, arecord=(u'1',), a_extra_create_reverse=False, aaaa_extra_create_reverse=False, force=False, structured=False, all=False, raw=False, version=u'2.228')
ipa : INFO Replica DNS records could not be added on master: invalid 'ip_address': invalid IP address format
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active ntpd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=failed
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl disable ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Removed symlink /etc/systemd/system/multi-user.target.wants/ntpd.service.
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_94225936
ipa : DEBUG Backing up system configuration file '/etc/ipa/default.conf'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG IPA FQDN 'ctipa.h2.int.pdp7.net.' is not located in default domain 'ipa.pdp7.net.'
ipa : DEBUG Domain 'h2.int.pdp7.net' needs additional mapping in krb5.conf
ipa : DEBUG Starting external process
ipa : DEBUG args=keyctl get_persistent @s 0
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=1059887013
ipa : DEBUG stderr=
ipa : DEBUG Enabling persistent keyring CCACHE
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active krb5kdc.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl stop krb5kdc.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Configuring Kerberos KDC (krb5kdc)
Configuring Kerberos KDC (krb5kdc)
ipa : DEBUG [1/5]: configuring KDC
[1/5]: configuring KDC
ipa : DEBUG Backing up system configuration file '/var/kerberos/krb5kdc/kdc.conf'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Backing up system configuration file '/etc/krb5.conf'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Backing up system configuration file '/usr/share/ipa/html/krb5.ini'
ipa : DEBUG -> Not backing up - '/usr/share/ipa/html/krb5.ini' doesn't exist
ipa : DEBUG Backing up system configuration file '/usr/share/ipa/html/krb.con'
ipa : DEBUG -> Not backing up - '/usr/share/ipa/html/krb.con' doesn't exist
ipa : DEBUG Backing up system configuration file '/usr/share/ipa/html/krbrealm.con'
ipa : DEBUG -> Not backing up - '/usr/share/ipa/html/krbrealm.con' doesn't exist
ipa : DEBUG Starting external process
ipa : DEBUG args=klist -V
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=Kerberos 5 version 1.15.1
ipa : DEBUG stderr=
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/krb5kdc'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [2/5]: adding the password extension to the directory
[2/5]: adding the password extension to the directory
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpI6wm70 -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipa_pwd_extop
add nsslapd-pluginpath:
libipa_pwd_extop
add nsslapd-plugininitfunc:
ipapwd_init
add nsslapd-plugintype:
extendedop
add nsslapd-pluginbetxn:
on
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_pwd_extop
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
RedHat
add nsslapd-plugindescription:
Support saving passwords in multiple formats for different consumers (krb5, samba, freeradius, etc.)
add nsslapd-plugin-depends-on-type:
database
add nsslapd-realmTree:
dc=ipa,dc=pdp7,dc=net
adding new entry "cn=ipa_pwd_extop,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket/??base )
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [3/5]: creating anonymous principal
[3/5]: creating anonymous principal
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [4/5]: starting the KDC
[4/5]: starting the KDC
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start krb5kdc.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active krb5kdc.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [5/5]: configuring KDC to start on boot
[5/5]: configuring KDC to start on boot
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled krb5kdc.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=disabled
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl disable krb5kdc.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG Done configuring Kerberos KDC (krb5kdc).
Done configuring Kerberos KDC (krb5kdc).
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Configuring kadmin
Configuring kadmin
ipa : DEBUG [1/2]: starting kadmin
[1/2]: starting kadmin
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active kadmin.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart kadmin.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active kadmin.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [2/2]: configuring kadmin to start on boot
[2/2]: configuring kadmin to start on boot
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled kadmin.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=disabled
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl disable kadmin.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG Done configuring kadmin.
Done configuring kadmin.
ipa : DEBUG Configuring directory server (dirsrv)
Configuring directory server (dirsrv)
ipa : DEBUG [1/3]: configuring TLS for DS instance
[1/3]: configuring TLS for DS instance
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-IPA-PDP7-NET/ -L -n IPA.PDP7.NET IPA CA -a -f /etc/dirsrv/slapd-IPA-PDP7-NET/pwdfile.txt
ipa : DEBUG Process finished, return code=255
ipa : DEBUG stdout=
ipa : DEBUG stderr=certutil: Could not find cert: IPA.PDP7.NET IPA CA
: PR_FILE_NOT_FOUND_ERROR: File not found
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-IPA-PDP7-NET/ -N -f /etc/dirsrv/slapd-IPA-PDP7-NET/pwdfile.txt -f /etc/dirsrv/slapd-IPA-PDP7-NET/pwdfile.txt
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-IPA-PDP7-NET/ -A -n IPA.PDP7.NET IPA CA -t CT,C,C -a -f /etc/dirsrv/slapd-IPA-PDP7-NET/pwdfile.txt
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG certmonger request is in state dbus.String(u'NEWLY_ADDED_READING_KEYINFO', variant_level=1)
ipa : DEBUG certmonger request is in state dbus.String(u'POST_SAVED_CERT', variant_level=1)
ipa : DEBUG certmonger request is in state dbus.String(u'MONITORING', variant_level=1)
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_60698448
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_60698448
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-IPA-PDP7-NET/ -L -n Server-Cert -a -f /etc/dirsrv/slapd-IPA-PDP7-NET/pwdfile.txt
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgIBDjANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKDAxJUEEu
UERQNy5ORVQxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xODAx
MDkyMDIyMzFaFw0yMDAxMTAyMDIyMzFaMDcxFTATBgNVBAoMDElQQS5QRFA3Lk5F
VDEeMBwGA1UEAwwVY3RpcGEuaDIuaW50LnBkcDcubmV0MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAtv7VR7lzeKzn7sBFkr5vBGqlD7TVTyXgtUItM1dV
anXpUX+qh1ZiqnpkZDX1e63CBvmKdevPTCQ+XnF7AexM3fcuOPSbLLLNrXmt9wGf
XvxT/Hc6Gbpr8POcHPesqKKmMxGYdGDMwCo557qndaEdexDmRmF/7z8gwESxbr5V
q9MSVa58fEd0QKn1XsBB+qR2eb8yTyARCE154v1vHB1Pm0T14LuSiyORyzPnNYFz
O6wG8arl/TmCoZjW/jEtdk1jM/ila6jtaN3sAslRFnHzBh9HrN9WkiqkazWycT2q
Iedv9rE7X3Flavg3xKox/BhSQ6OSnRRDvK44OIuI3894hwIDAQABo4IB0jCCAc4w
HwYDVR0jBBgwFoAU3bftcYC4YIcMVGZT8Qk4HUfali8wPgYIKwYBBQUHAQEEMjAw
MC4GCCsGAQUFBzABhiJodHRwOi8vaXBhLWNhLmlwYS5wZHA3Lm5ldC9jYS9vY3Nw
MA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
dwYDVR0fBHAwbjBsoDSgMoYwaHR0cDovL2lwYS1jYS5pcGEucGRwNy5uZXQvaXBh
L2NybC9NYXN0ZXJDUkwuYmluojSkMjAwMQ4wDAYDVQQKDAVpcGFjYTEeMBwGA1UE
AwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB0GA1UdDgQWBBRu/07JR4W9cjMvxq2/
X2V7Wf0ZTjCBowYDVR0RBIGbMIGYghVjdGlwYS5oMi5pbnQucGRwNy5uZXSgNwYK
KwYBBAGCNxQCA6ApDCdsZGFwL2N0aXBhLmgyLmludC5wZHA3Lm5ldEBJUEEuUERQ
Ny5ORVSgRgYGKwYBBQICoDwwOqAOGwxJUEEuUERQNy5ORVShKDAmoAMCAQGhHzAd
GwRsZGFwGxVjdGlwYS5oMi5pbnQucGRwNy5uZXQwDQYJKoZIhvcNAQELBQADggEB
AOi1VZPHM+9o9xd+f34NIToCNU4gcPCy23TBGtOzE3qXWOAO4jcUgE89bW1n+Orm
UhFSxADfHk1ieKxJgvlPLNCN9I0ccgVLi8MQn4qhHrfZzgRAaUW1HPviMXonhJ6z
VZuAKdUYSgfPeELjZZSshk/j3Ot0D95EapN/QaWW0eUEFdmhErmDjbAG1ywHsxzB
NYoQlHBfVAnNtne3woSxH9kflgXRMBLv2TK+cmoiZ9uKQ3amAyC2BDqce69lFcnp
JuJ9qnABCiZpqXpoAzzC4i2vY8KeHrs3ry4/3dwdVW0gajXVtjN9lsbKf+WacCH6
lk+5I8wdai12UeWLhTlxLfg=
-----END CERTIFICATE-----
ipa : DEBUG stderr=
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldap://ctipa.h2.int.pdp7.net:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0xac32560>
ipa : DEBUG duration: 10 seconds
ipa : DEBUG [2/3]: importing CA certificates from LDAP
[2/3]: importing CA certificates from LDAP
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-IPA-PDP7-NET/ -A -n IPA.PDP7.NET IPA CA -t CT,C,C -f /etc/dirsrv/slapd-IPA-PDP7-NET/pwdfile.txt
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [3/3]: restarting directory server
[3/3]: restarting directory server
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_60698448
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa : DEBUG waiting for port: 389
ipa : DEBUG SUCCESS: port: 389
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@IPA-PDP7-NET.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_60698448
ipa : DEBUG duration: 3 seconds
ipa : DEBUG Done configuring directory server (dirsrv).
Done configuring directory server (dirsrv).
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Configuring the web interface (httpd)
Configuring the web interface (httpd)
ipa : DEBUG [1/22]: stopping httpd
[1/22]: stopping httpd
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active httpd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl stop httpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [2/22]: setting mod_nss port to 443
[2/22]: setting mod_nss port to 443
ipa : DEBUG Backing up system configuration file '/etc/httpd/conf.d/nss.conf'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [3/22]: setting mod_nss cipher suite
[3/22]: setting mod_nss cipher suite
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [4/22]: setting mod_nss protocol list to TLSv1.0 - TLSv1.2
[4/22]: setting mod_nss protocol list to TLSv1.0 - TLSv1.2
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [5/22]: setting mod_nss password file
[5/22]: setting mod_nss password file
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [6/22]: enabling mod_nss renegotiate
[6/22]: enabling mod_nss renegotiate
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [7/22]: disabling mod_nss OCSP
[7/22]: disabling mod_nss OCSP
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [8/22]: adding URL rewriting rules
[8/22]: adding URL rewriting rules
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [9/22]: configuring httpd
[9/22]: configuring httpd
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Backing up system configuration file '/etc/httpd/conf.d/ipa.conf'
ipa : DEBUG -> Not backing up - '/etc/httpd/conf.d/ipa.conf' doesn't exist
ipa : DEBUG Backing up system configuration file '/etc/httpd/conf.d/ipa-rewrite.conf'
ipa : DEBUG -> Not backing up - '/etc/httpd/conf.d/ipa-rewrite.conf' doesn't exist
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [10/22]: setting up httpd keytab
[10/22]: setting up httpd keytab
ipa.ipaserver.plugins.service.service_add: DEBUG raw: service_add(u'HTTP/ctipa.h2.int.pdp7.net@IPA.PDP7.NET', force=True, version=u'2.228')
ipa.ipaserver.plugins.service.service_add: DEBUG service_add(ipapython.kerberos.Principal('HTTP/ctipa.h2.int.pdp7.net@IPA.PDP7.NET'), force=True, all=False, raw=False, version=u'2.228', no_members=False)
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0xa8ee680>
ipa.ipaserver.plugins.host.host_show: DEBUG raw: host_show(u'ctipa.h2.int.pdp7.net', version=u'2.228')
ipa.ipaserver.plugins.host.host_show: DEBUG host_show(u'ctipa.h2.int.pdp7.net', rights=False, all=False, raw=False, version=u'2.228', no_members=False)
ipa : DEBUG Backing up system configuration file '/var/lib/ipa/gssproxy/http.keytab'
ipa : DEBUG -> Not backing up - '/var/lib/ipa/gssproxy/http.keytab' doesn't exist
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/ipa-getkeytab -k /var/lib/ipa/gssproxy/http.keytab -p HTTP/ctipa.h2.int.pdp7.net@IPA.PDP7.NET -H ldapi://%2Fvar%2Frun%2Fslapd-IPA-PDP7-NET.socket -Y EXTERNAL
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=Keytab successfully retrieved and stored in: /var/lib/ipa/gssproxy/http.keytab
ipa : DEBUG duration: 1 seconds
ipa : DEBUG [11/22]: configuring Gssproxy
[11/22]: configuring Gssproxy
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart gssproxy.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=A dependency job for gssproxy.service failed. See 'journalctl -xe' for details.
ipa : DEBUG Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation
run_step(full_msg, method)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step
method()
File "/usr/lib/python2.7/site-packages/ipaserver/install/httpinstance.py", line 242, in configure_gssproxy
services.knownservices.gssproxy.restart()
File "/usr/lib/python2.7/site-packages/ipaplatform/base/services.py", line 322, in restart
capture_output, wait)
File "/usr/lib/python2.7/site-packages/ipaplatform/base/services.py", line 310, in _restart_base
skip_output=not capture_output)
File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 512, in run
raise CalledProcessError(p.returncode, arg_string, str(output))
CalledProcessError: Command '/bin/systemctl restart gssproxy.service' returned non-zero exit status 1
ipa : DEBUG [error] CalledProcessError: Command '/bin/systemctl restart gssproxy.service' returned non-zero exit status 1
[error] CalledProcessError: Command '/bin/systemctl restart gssproxy.service' returned non-zero exit status 1
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute
return_value = self.run()
File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333, in run
cfgr.run()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368, in run
self.execute()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392, in execute
for _nothing in self._executor():
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner
exc_handler(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception
self._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner
step()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658, in _configure
next(executor)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner
exc_handler(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463, in _handle_execute_exception
self._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception
self.__parent._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception
super(ComponentBase, self)._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner
step()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install
for _nothing in self._installer(self.parent):
File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py", line 617, in main
replica_install(self)
File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 386, in decorated
func(installer)
File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1440, in install
ca_file=cafile)
File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 166, in install_http
subject_base=config.subject_base, master_fqdn=config.master_host_name)
File "/usr/lib/python2.7/site-packages/ipaserver/install/httpinstance.py", line 190, in create_instance
self.start_creation()
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation
run_step(full_msg, method)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step
method()
File "/usr/lib/python2.7/site-packages/ipaserver/install/httpinstance.py", line 242, in configure_gssproxy
services.knownservices.gssproxy.restart()
File "/usr/lib/python2.7/site-packages/ipaplatform/base/services.py", line 322, in restart
capture_output, wait)
File "/usr/lib/python2.7/site-packages/ipaplatform/base/services.py", line 310, in _restart_base
skip_output=not capture_output)
File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 512, in run
raise CalledProcessError(p.returncode, arg_string, str(output))
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG The ipa-replica-install command failed, exception: CalledProcessError: Command '/bin/systemctl restart gssproxy.service' returned non-zero exit status 1
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR Command '/bin/systemctl restart gssproxy.service' returned non-zero exit status 1
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information
[root@ctipa ~]#
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.