Skip to content

Instantly share code, notes, and snippets.

@nevsan

nevsan/ipa-access Secret

Last active August 29, 2015 13:58
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
IPA Replica Issues (Total update abortedLDAP error: Can't contact LDAP server)
Raw
ipa-access
[02/Apr/2014:20:47:38 +0000] conn=8 op=6320 SRCH base="idnsName=ipa2,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6320 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6321 SRCH base="idnsName=ipa2,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6321 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6322 SRCH base="idnsName=com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6322 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6323 SRCH base="idnsName=example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6323 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6324 SRCH base="idnsName=ipa2.example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6324 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6325 SRCH base="idnsName=com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6325 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6326 SRCH base="idnsName=example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6326 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:47:38 +0000] conn=8 op=6327 SRCH base="idnsName=ipa2.example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:47:38 +0000] conn=8 op=6327 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:00 +0000] conn=8 op=6329 SRCH base="idnsName=com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:00 +0000] conn=8 op=6329 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:00 +0000] conn=8 op=6330 SRCH base="idnsName=example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:00 +0000] conn=8 op=6330 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:00 +0000] conn=8 op=6331 SRCH base="idnsName=ipa.example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:00 +0000] conn=8 op=6331 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:00 +0000] conn=1359 fd=114 slot=114 SSL connection from 10.0.0.8 to 10.0.3.4
[02/Apr/2014:20:49:00 +0000] conn=1359 SSL 128-bit AES
[02/Apr/2014:20:49:00 +0000] conn=1359 op=0 BIND dn="uid=openvpn,cn=users,cn=accounts,dc=example,dc=com" method=128 version=3
[02/Apr/2014:20:49:00 +0000] conn=1359 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=openvpn,cn=users,cn=accounts,dc=example,dc=com"
[02/Apr/2014:20:49:00 +0000] conn=1359 op=1 SRCH base="CN=users,CN=accounts,DC=example,DC=com" scope=2 filter="(&(uid=nsanchez)(memberOf=cn=vpn-users,cn=groups,cn=accounts,dc=example,dc=com))" attrs=ALL
[02/Apr/2014:20:49:00 +0000] conn=1359 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:00 +0000] conn=1359 op=2 BIND dn="uid=nsanchez,cn=users,cn=accounts,dc=example,dc=com" method=128 version=3
[02/Apr/2014:20:49:00 +0000] conn=1359 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=nsanchez,cn=users,cn=accounts,dc=example,dc=com"
[02/Apr/2014:20:49:00 +0000] conn=1359 op=3 UNBIND
[02/Apr/2014:20:49:00 +0000] conn=1359 op=3 fd=114 closed - U1
[02/Apr/2014:20:49:34 +0000] conn=8 op=6333 SRCH base="idnsName=3,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:34 +0000] conn=8 op=6333 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:35 +0000] conn=8 op=6334 SRCH base="idnsName=3,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:35 +0000] conn=8 op=6334 RESULT err=32 tag=101 nentries=0 etime=1
[02/Apr/2014:20:49:35 +0000] conn=1360 fd=114 slot=114 connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:49:35 +0000] conn=1360 op=-1 fd=114 closed - B1
[02/Apr/2014:20:49:35 +0000] conn=1361 fd=114 slot=114 SSL connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:49:35 +0000] conn=1361 op=-1 fd=114 closed - Encountered end of file.
[02/Apr/2014:20:49:35 +0000] conn=4 op=18208 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=admin@EXAMPLE.COM))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18208 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18209 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18209 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18210 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=krbtgt/EXAMPLE.COM@EXAMPLE.COM)(krbPrincipalName=krbtgt/EXAMPLE.COM@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18210 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18211 SRCH base="cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="krbMaxPwdLife krbMinPwdLife krbPwdMinDiffChars krbPwdMinLength krbPwdHistoryLength krbPwdMaxFailure krbPwdFailureCountInterval krbPwdLockoutDuration"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18211 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18212 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=admin@EXAMPLE.COM))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18212 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18213 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18213 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18214 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=krbtgt/EXAMPLE.COM@EXAMPLE.COM)(krbPrincipalName=krbtgt/EXAMPLE.COM@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18214 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18215 SRCH base="cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="krbMaxPwdLife krbMinPwdLife krbPwdMinDiffChars krbPwdMinLength krbPwdHistoryLength krbPwdMaxFailure krbPwdFailureCountInterval krbPwdLockoutDuration"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18215 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18216 SRCH base="uid=admin,cn=users,cn=accounts,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="objectClass uid cn fqdn gidNumber krbPrincipalName krbCanonicalName krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbLastAdminUnlock krbTicketFlags ipaNTSecurityIdentifier ipaNTLogonScript ipaNTProfilePath ipaNTHomeDirectory ipaNTHomeDirectoryDrive"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18216 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18217 MOD dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18217 RESULT err=0 tag=103 nentries=0 etime=0 csn=533c7816000000040000
[02/Apr/2014:20:49:35 +0000] conn=4 op=18218 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=krbtgt/EXAMPLE.COM@EXAMPLE.COM))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18218 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18219 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=host/ipa.example.com@EXAMPLE.COM)(krbPrincipalName=host/ipa.example.com@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18219 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18220 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18220 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18221 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=admin@EXAMPLE.COM))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18221 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=4 op=18222 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:49:35 +0000] conn=4 op=18222 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=8 op=6335 SRCH base="idnsName=3,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:35 +0000] conn=8 op=6335 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:35 +0000] conn=1325 op=54 SRCH base="cn=accounts,dc=example,dc=com" scope=2 filter="(&(uid=admin)(objectClass=posixAccount)(&(uidNumber=*)(!(uidNumber=0))))" attrs="objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn memberOf nsUniqueId ipaNTSecurityIdentifier modifyTimestamp entryusn shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdattribute authorizedService accountexpires useraccountcontrol nsAccountLock host logindisabled loginexpirationtime loginallowedtimemap ipaSshPubKey"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=54 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:35 +0000] conn=1325 op=55 SRCH base="uid=admin,cn=users,cn=accounts,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="objectClass cn userPassword gidNumber member nsUniqueId ipaNTSecurityIdentifier modifyTimestamp entryusn"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=55 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[02/Apr/2014:20:49:35 +0000] conn=1325 op=56 SRCH base="cn=accounts,dc=example,dc=com" scope=2 filter="(&(objectClass=ipaHost)(fqdn=ipa.example.com))" attrs="objectClass cn fqdn serverHostName memberOf ipaSshPubKey ipaUniqueID"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=56 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[02/Apr/2014:20:49:35 +0000] conn=1325 op=57 SRCH base="fqdn=ipa.example.com,cn=computers,cn=accounts,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="objectClass cn memberOf ipaUniqueID"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=57 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[02/Apr/2014:20:49:35 +0000] conn=1325 op=58 SRCH base="cn=hbac,dc=example,dc=com" scope=2 filter="(objectClass=ipaHBACService)" attrs="objectClass cn ipaUniqueID member memberOf"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=58 RESULT err=0 tag=101 nentries=15 etime=0 notes=P
[02/Apr/2014:20:49:35 +0000] conn=1325 op=59 SRCH base="cn=hbac,dc=example,dc=com" scope=2 filter="(objectClass=ipaHBACServiceGroup)" attrs="objectClass cn ipaUniqueID member memberOf"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=59 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[02/Apr/2014:20:49:35 +0000] conn=1325 op=60 SRCH base="cn=hbac,dc=example,dc=com" scope=2 filter="(&(objectClass=ipaHBACRule)(ipaEnabledFlag=TRUE)(|(hostCategory=all)(memberHost=fqdn=ipa.example.com,cn=computers,cn=accounts,dc=example,dc=com)(memberHost=cn=entitlement compliance,cn=roles,cn=accounts,dc=example,dc=com)(memberHost=cn=read entitlements,cn=privileges,cn=pbac,dc=example,dc=com)(memberHost=cn=read entitlements,cn=permissions,cn=pbac,dc=example,dc=com)(memberHost=cn=it-servers,cn=hostgroups,cn=accounts,dc=example,dc=com)(memberHost=cn=it-servers,cn=ng,cn=alt,dc=example,dc=com)(memberHost=ipauniqueid=426d9116-f42f-11e2-ba01-1686000c7ec7,cn=sudorules,cn=sudo,dc=example,dc=com)))" attrs="objectClass cn ipaUniqueID ipaEnabledFlag accessRuleType memberUser userCategory memberService serviceCategory sourceHost sourceHostCategory externalHost memberHost hostCategory"
[02/Apr/2014:20:49:35 +0000] conn=1325 op=60 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[02/Apr/2014:20:49:36 +0000] conn=1325 op=61 SRCH base="cn=etc,dc=example,dc=com" scope=2 filter="(&(cn=ipaConfig)(objectClass=ipaGuiConfig))" attrs="ipaMigrationEnabled ipaSELinuxUserMapDefault ipaSELinuxUserMapOrder"
[02/Apr/2014:20:49:36 +0000] conn=1325 op=61 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:36 +0000] conn=1325 op=62 SRCH base="cn=selinux,dc=example,dc=com" scope=2 filter="(&(objectClass=ipaselinuxusermap)(ipaEnabledFlag=TRUE))" attrs="objectClass cn memberUser memberHost seeAlso ipaSELinuxUser ipaEnabledFlag userCategory hostCategory ipaUniqueID"
[02/Apr/2014:20:49:36 +0000] conn=1325 op=62 RESULT err=0 tag=101 nentries=0 etime=0 notes=P
[02/Apr/2014:20:49:37 +0000] conn=8 op=6337 SRCH base="idnsName=3,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:37 +0000] conn=8 op=6337 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:44 +0000] conn=1362 fd=114 slot=114 SSL connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:49:45 +0000] conn=1362 SSL 128-bit AES
[02/Apr/2014:20:49:45 +0000] conn=1362 op=0 BIND dn="cn=directory manager" method=128 version=3
[02/Apr/2014:20:49:45 +0000] conn=1362 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[02/Apr/2014:20:49:45 +0000] conn=1363 fd=115 slot=115 SSL connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:49:45 +0000] conn=1363 SSL 128-bit AES
[02/Apr/2014:20:49:45 +0000] conn=1363 op=0 BIND dn="cn=directory manager" method=128 version=3
[02/Apr/2014:20:49:45 +0000] conn=1363 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[02/Apr/2014:20:49:45 +0000] conn=1362 op=1 SRCH base="cn=ipaconfig,cn=etc,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:49:45 +0000] conn=1362 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:45 +0000] conn=1362 op=2 SRCH base="cn=schema" scope=0 filter="(objectClass=*)" attrs="attributeTypes objectClasses"
[02/Apr/2014:20:49:45 +0000] conn=1362 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1362 op=3 SRCH base="cn=computers,cn=accounts,dc=example,dc=com" scope=2 filter="(fqdn=ipa2.example.com)" attrs="fqdn"
[02/Apr/2014:20:49:46 +0000] conn=1362 op=3 RESULT err=0 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1364 fd=117 slot=117 SSL connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:49:46 +0000] conn=1364 SSL 128-bit AES
[02/Apr/2014:20:49:46 +0000] conn=1364 op=0 BIND dn="cn=directory manager" method=128 version=3
[02/Apr/2014:20:49:46 +0000] conn=1364 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[02/Apr/2014:20:49:46 +0000] conn=1364 op=1 SRCH base="cn=ipaconfig,cn=etc,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:49:46 +0000] conn=1364 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1364 op=2 SRCH base="cn=schema" scope=0 filter="(objectClass=*)" attrs="attributeTypes objectClasses"
[02/Apr/2014:20:49:46 +0000] conn=1364 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1364 op=3 SRCH base="cn=masters,cn=ipa,cn=etc,dc=example,dc=com" scope=2 filter="(&(objectClass=ipaConfigObject)(cn=DNS))" attrs=ALL
[02/Apr/2014:20:49:46 +0000] conn=1364 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1364 op=4 UNBIND
[02/Apr/2014:20:49:46 +0000] conn=1364 op=4 fd=117 closed - U1
[02/Apr/2014:20:49:46 +0000] conn=8 op=6338 SRCH base="idnsName=3,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:46 +0000] conn=8 op=6338 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:46 +0000] conn=8 op=6339 SRCH base="idnsName=3,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:49:46 +0000] conn=8 op=6339 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1362 op=4 SRCH base="cn=ipaconfig,cn=etc,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:49:46 +0000] conn=1362 op=4 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1362 op=5 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs="* aci"
[02/Apr/2014:20:49:46 +0000] conn=1362 op=5 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:49:46 +0000] conn=1362 op=6 UNBIND
[02/Apr/2014:20:49:46 +0000] conn=1362 op=6 fd=114 closed - U1
[02/Apr/2014:20:49:46 +0000] conn=1363 op=1 UNBIND
[02/Apr/2014:20:49:46 +0000] conn=1363 op=1 fd=115 closed - U1
[02/Apr/2014:20:50:04 +0000] conn=8 op=6341 SRCH base="idnsName=wpad,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:50:04 +0000] conn=8 op=6341 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:50:15 +0000] conn=1365 fd=114 slot=114 connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:50:15 +0000] conn=1365 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[02/Apr/2014:20:50:15 +0000] conn=1365 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[02/Apr/2014:20:50:15 +0000] conn=1365 SSL 128-bit AES
[02/Apr/2014:20:50:15 +0000] conn=1365 op=1 BIND dn="cn=Directory Manager" method=128 version=3
[02/Apr/2014:20:50:15 +0000] conn=1365 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[02/Apr/2014:20:50:15 +0000] conn=1365 op=2 SRCH base="cn=replication,cn=etc,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:50:15 +0000] conn=1365 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:15 +0000] conn=1365 op=3 SRCH base="cn=schema" scope=0 filter="(objectClass=*)" attrs="attributeTypes objectClasses"
[02/Apr/2014:20:50:15 +0000] conn=1365 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1324 op=5 UNBIND
[02/Apr/2014:20:50:16 +0000] conn=1324 op=5 fd=70 closed - U1
[02/Apr/2014:20:50:16 +0000] conn=1365 op=4 MOD dn="cn=replication,cn=etc,dc=example,dc=com"
[02/Apr/2014:20:50:16 +0000] conn=1365 op=4 RESULT err=0 tag=103 nentries=0 etime=0 csn=533c783f000000040000
[02/Apr/2014:20:50:16 +0000] conn=1365 op=5 SRCH base="cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:50:16 +0000] conn=1365 op=5 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=6 ADD dn="cn=replication manager,cn=config"
[02/Apr/2014:20:50:16 +0000] conn=1365 op=6 RESULT err=68 tag=105 nentries=0 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=7 MOD dn="cn=replication manager,cn=config"
[02/Apr/2014:20:50:16 +0000] conn=1365 op=7 RESULT err=0 tag=103 nentries=0 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=8 SRCH base="cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:50:16 +0000] conn=1365 op=8 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=9 SRCH base="cn=config,cn=ldbm database,cn=plugins,cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-directory"
[02/Apr/2014:20:50:16 +0000] conn=1365 op=9 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=10 ADD dn="cn=changelog5,cn=config"
[02/Apr/2014:20:50:16 +0000] conn=1365 op=10 RESULT err=68 tag=105 nentries=0 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=11 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:50:16 +0000] conn=1365 op=11 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=12 ADD dn="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config"
[02/Apr/2014:20:50:16 +0000] conn=1365 op=12 RESULT err=0 tag=105 nentries=0 etime=0
[02/Apr/2014:20:50:16 +0000] conn=1365 op=13 MOD dn="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config"
[02/Apr/2014:20:50:17 +0000] conn=1365 op=13 RESULT err=0 tag=103 nentries=0 etime=1
[02/Apr/2014:20:50:17 +0000] conn=1365 op=14 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:50:17 +0000] conn=1365 op=14 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:17 +0000] conn=1366 fd=70 slot=70 connection from 10.0.3.15 to 10.0.3.4
[02/Apr/2014:20:50:17 +0000] conn=1366 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[02/Apr/2014:20:50:17 +0000] conn=1366 SSL 128-bit AES
[02/Apr/2014:20:50:17 +0000] conn=1366 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[02/Apr/2014:20:50:17 +0000] conn=1366 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:17 +0000] conn=1366 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:17 +0000] conn=1366 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[02/Apr/2014:20:50:17 +0000] conn=1365 op=15 MOD dn="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[02/Apr/2014:20:50:17 +0000] conn=1366 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[02/Apr/2014:20:50:17 +0000] conn=1366 op=6 UNBIND
[02/Apr/2014:20:50:17 +0000] conn=1366 op=6 fd=70 closed - U1
[02/Apr/2014:20:50:18 +0000] conn=1365 op=15 RESULT err=0 tag=103 nentries=0 etime=1
[02/Apr/2014:20:50:19 +0000] conn=1365 op=16 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs="nsds5replicaLastInitStart nsds5replicaUpdateInProgress nsds5replicaLastInitStatus cn nsds5BeginReplicaRefresh nsds5replicaLastInitEnd"
[02/Apr/2014:20:50:19 +0000] conn=1365 op=16 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:20 +0000] conn=1365 op=17 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs="nsds5replicaLastInitStart nsds5replicaUpdateInProgress nsds5replicaLastInitStatus cn nsds5BeginReplicaRefresh nsds5replicaLastInitEnd"
[02/Apr/2014:20:50:20 +0000] conn=1365 op=17 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:21 +0000] conn=1365 op=18 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs="nsds5replicaLastInitStart nsds5replicaUpdateInProgress nsds5replicaLastInitStatus cn nsds5BeginReplicaRefresh nsds5replicaLastInitEnd"
[02/Apr/2014:20:50:21 +0000] conn=1365 op=18 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:50:22 +0000] conn=1365 op=19 SRCH base="cn=meToipa2.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" scope=0 filter="(objectClass=*)" attrs="nsds5replicaLastInitStart nsds5replicaUpdateInProgress nsds5replicaLastInitStatus cn nsds5BeginReplicaRefresh nsds5replicaLastInitEnd"
[02/Apr/2014:20:50:22 +0000] conn=1365 op=19 RESULT err=0 tag=101 nentries=1 etime=1
[02/Apr/2014:20:50:22 +0000] conn=1365 op=20 UNBIND
[02/Apr/2014:20:50:22 +0000] conn=1365 op=20 fd=114 closed - U1
[02/Apr/2014:20:51:37 +0000] conn=8 op=6343 SRCH base="idnsName=0,idnsname=0.10.in-addr.arpa.,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:51:37 +0000] conn=8 op=6343 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:27 +0000] conn=20 op=854 SRCH base="ou=sessions,ou=Security Domain,o=ipaca" scope=2 filter="(objectClass=securityDomainSessionEntry)" attrs="cn"
[02/Apr/2014:20:52:27 +0000] conn=20 op=854 RESULT err=0 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:37 +0000] conn=1325 op=63 UNBIND
[02/Apr/2014:20:52:37 +0000] conn=1325 op=63 fd=64 closed - U1
[02/Apr/2014:20:52:38 +0000] conn=8 op=6345 SRCH base="idnsName=ipa2,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6345 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6346 SRCH base="idnsName=ipa2,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6346 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6347 SRCH base="idnsName=com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6347 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6348 SRCH base="idnsName=example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6348 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6349 SRCH base="idnsName=ipa2.example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6349 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6350 SRCH base="idnsName=com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6350 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6351 SRCH base="idnsName=example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6351 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:38 +0000] conn=8 op=6352 SRCH base="idnsName=ipa2.example.com,idnsname=example.com,cn=dns,dc=example,dc=com" scope=0 filter="(objectClass=idnsRecord)" attrs=ALL
[02/Apr/2014:20:52:38 +0000] conn=8 op=6352 RESULT err=32 tag=101 nentries=0 etime=0
[02/Apr/2014:20:52:44 +0000] conn=1367 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.4
[02/Apr/2014:20:52:44 +0000] conn=1367 op=0 SRCH base="" scope=0 filter="(objectClass=*)" attrs="* altServer namingContexts supportedControl supportedExtension supportedFeatures supportedLDAPVersion supportedSASLMechanisms domaincontrollerfunctionality defaultnamingcontext lastusn highestcommittedusn aci"
[02/Apr/2014:20:52:44 +0000] conn=1367 op=0 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18224 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=host/ipa.example.com@EXAMPLE.COM)(krbPrincipalName=host/ipa.example.com@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18224 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18225 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18225 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18226 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=krbtgt/EXAMPLE.COM@EXAMPLE.COM)(krbPrincipalName=krbtgt/EXAMPLE.COM@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18226 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18227 SRCH base="cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="krbMaxPwdLife krbMinPwdLife krbPwdMinDiffChars krbPwdMinLength krbPwdHistoryLength krbPwdMaxFailure krbPwdFailureCountInterval krbPwdLockoutDuration"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18227 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18228 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=host/ipa.example.com@EXAMPLE.COM)(krbPrincipalName=host/ipa.example.com@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18228 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18229 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18229 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18230 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=krbtgt/EXAMPLE.COM@EXAMPLE.COM)(krbPrincipalName=krbtgt/EXAMPLE.COM@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18230 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18231 SRCH base="cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="krbMaxPwdLife krbMinPwdLife krbPwdMinDiffChars krbPwdMinLength krbPwdHistoryLength krbPwdMaxFailure krbPwdFailureCountInterval krbPwdLockoutDuration"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18231 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18232 SRCH base="fqdn=ipa.example.com,cn=computers,cn=accounts,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="objectClass uid cn fqdn gidNumber krbPrincipalName krbCanonicalName krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbLastAdminUnlock krbTicketFlags ipaNTSecurityIdentifier ipaNTLogonScript ipaNTProfilePath ipaNTHomeDirectory ipaNTHomeDirectoryDrive"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18232 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18233 SRCH base="cn=ipa.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[02/Apr/2014:20:52:44 +0000] conn=4 op=18233 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18234 MOD dn="fqdn=ipa.example.com,cn=computers,cn=accounts,dc=example,dc=com"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18234 RESULT err=0 tag=103 nentries=0 etime=0 csn=533c78d3000000040000
[02/Apr/2014:20:52:44 +0000] conn=4 op=18235 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=krbtgt/EXAMPLE.COM@EXAMPLE.COM))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18235 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18236 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=ldap/ipa.example.com@EXAMPLE.COM)(krbPrincipalName=ldap/ipa.example.com@EXAMPLE.COM)))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18236 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18237 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18237 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18238 SRCH base="dc=example,dc=com" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=host/ipa.example.com@EXAMPLE.COM))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled krbPrincipalKey krbTicketPolicyReference krbPrincipalExpiration krbPasswordExpiration krbPwdPolicyReference krbPrincipalType krbPwdHistory krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth krbLastFailedAuth krbLoginFailedCount krbExtraData krbLastAdminUnlock krbObjectReferences krbTicketFlags krbMaxTicketLife krbMaxRenewableAge nsAccountLock passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"
[02/Apr/2014:20:52:44 +0000] conn=4 op=18238 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=4 op=18239 SRCH base="cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"
[02/Apr/2014:20:52:44 +0000] conn=1367 op=1 BIND dn="" method=sasl version=3 mech=GSSAPI
[02/Apr/2014:20:52:44 +0000] conn=4 op=18239 RESULT err=0 tag=101 nentries=1 etime=0
[02/Apr/2014:20:52:44 +0000] conn=1367 op=2 BIND dn="" method=sasl version=3 mech=GSSAPI
[02/Apr/2014:20:52:44 +0000] conn=1367 op=3 BIND dn="" method=sasl version=3 mech=GSSAPI
[02/Apr/2014:20:52:44 +0000] conn=1367 op=2 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
[02/Apr/2014:20:52:44 +0000] conn=1367 op=4 SRCH base="ou=SUDOers,dc=example,dc=com" scope=2 filter="(&(&(objectClass=sudoRole)(entryusn>=42906)(!(entryusn=42906)))(|(!(sudoHost=*))(sudoHost=ALL)(sudoHost=ipa.example.com)(sudoHost=ipa)(sudoHost=fe80::1486:ff:fe0c:7ec7)(sudoHost=fe80::/64)(sudoHost=+*)(|(sudoHost=*\5C*)(sudoHost=*?*)(sudoHost=*\2A*)(sudoHost=*[*]*))))" attrs="objectClass cn sudoCommand sudoHost sudoUser sudoOption sudoRunAsUser sudoRunAsGroup sudoNotBefore sudoNotAfter sudoOrder entryusn"
[02/Apr/2014:20:52:44 +0000] conn=1367 op=1 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
[02/Apr/2014:20:52:44 +0000] conn=1367 op=4 RESULT err=0 tag=101 nentries=0 etime=0 notes=P
[02/Apr/2014:20:52:44 +0000] conn=1367 op=3 RESULT err=0 tag=97 nentries=0 etime=0 dn="fqdn=ipa.example.com,cn=computers,cn=accounts,dc=example,dc=com"
Raw
ipa-errors
[02/Apr/2014:20:50:18 +0000] NSMMReplicationPlugin - agmt="cn=meToipa2.example.com" (ipa2:389): The remote replica has a different database generation ID than the local database. You may have to reinitialize the remote replica, or the local replica.
[02/Apr/2014:20:50:18 +0000] NSMMReplicationPlugin - Beginning total update of replica "agmt="cn=meToipa2.example.com" (ipa2:389)".
[02/Apr/2014:20:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:20:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:07:39 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:12:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:17:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:22:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:27:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:32:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:37:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:42:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:47:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:21:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:07:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:12:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:17:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:22:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:27:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:32:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:37:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:42:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:47:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:22:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:07:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:12:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:17:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:22:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:27:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:32:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:37:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:42:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:47:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[02/Apr/2014:23:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:07:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:12:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:17:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:22:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:27:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:32:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:37:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:42:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:47:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:00:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:07:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:12:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:17:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:22:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:27:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:32:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:37:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:42:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:47:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:01:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:07:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:12:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:17:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:22:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:27:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:32:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:37:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:42:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:47:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:52:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:02:57:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
[03/Apr/2014:03:02:38 +0000] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 0 (Success)
Raw
ipa-replica-install (2014-04-02 20:50).log
# ipa-replica-install -ddd --setup-dns --no-forwarders /var/lib/ipa/replica-info-ipa2.example.com.gpg
ipa : DEBUG /sbin/ipa-replica-install was invoked with argument "/var/lib/ipa/replica-info-ipa2.example.com.gpg" and options: {'no_forwarders': True, 'conf_ssh': True, 'setup_ca': False, 'ui_redirect': True, 'reverse_zone': None, 'trust_sshfp': False, 'unattended': False, 'setup_pkinit': True, 'no_host_dns': False, 'mkhomedir': False, 'ip_address': None, 'no_reverse': False, 'setup_dns': True, 'create_sshfp': True, 'conf_sshd': True, 'forwarders': None, 'debug': True, 'conf_ntp': True, 'skip_conncheck': False, 'skip_schema_check': False}
ipa : DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=VirtualHost configuration:
*:8443 ipa2.example.com (/etc/httpd/conf.d/nss.conf:86)
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled chronyd.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=Failed to issue method call: No such file or directory
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active chronyd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/gpg-agent --batch --homedir /tmp/tmpV3iDtbipa/ipa-dPP7l3/.gnupg --daemon /usr/bin/gpg --batch --homedir /tmp/tmpV3iDtbipa/ipa-dPP7l3/.gnupg --passphrase-fd 0 --yes --no-tty -o /tmp/tmpV3iDtbipa/files.tar -d /var/lib/ipa/replica-info-ipa2.example.com.gpg
ipa : DEBUG Process finished, return code=0
ipa : DEBUG Starting external process
ipa : DEBUG args=tar xf /tmp/tmpV3iDtbipa/files.tar -C /tmp/tmpV3iDtbipa
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Installing replica file with version 30305 (0 means no version in prepared file).
ipa : DEBUG Check if ipa2.example.com is a primary hostname for localhost
ipa : DEBUG Primary hostname for localhost: ipa2.example.com
ipa : DEBUG Search DNS for ipa2.example.com
ipa : DEBUG Check if ipa2.example.com is not a CNAME
ipa : DEBUG Check reverse address of 10.0.3.15
ipa : DEBUG Found reverse name: ipa2.example.com
ipa : DEBUG Check if ipa.example.com is a primary hostname for localhost
ipa : DEBUG Primary hostname for localhost: ipa.example.com
ipa : DEBUG Search DNS for ipa.example.com
ipa : DEBUG Check if ipa.example.com is not a CNAME
ipa : DEBUG Check reverse address of 10.0.3.4
ipa : DEBUG Found reverse name: ipa.example.com
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/ipa-replica-conncheck --master ipa.example.com --auto-master-check --realm EXAMPLE.COM --principal admin --hostname ipa2.example.com --password XXXXXXXX
Check connection from replica to remote master 'ipa.example.com':
Directory Service: Unsecure port (389): OK
Directory Service: Secure port (636): OK
Kerberos KDC: TCP (88): OK
Kerberos Kpasswd: TCP (464): OK
HTTP Server: Unsecure port (80): OK
HTTP Server: Secure port (443): OK
The following list of ports use UDP protocol and would need to be
checked manually:
Kerberos KDC: UDP (88): SKIPPED
Kerberos Kpasswd: UDP (464): SKIPPED
Connection from replica to master is OK.
Start listening on required ports for remote master check
Get credentials to log in to remote master
Check SSH connection to remote master
Execute check on remote master
Check connection from master to remote replica 'ipa2.example.com':
Directory Service: Unsecure port (389): OK
Directory Service: Secure port (636): OK
Kerberos KDC: TCP (88): OK
Kerberos KDC: UDP (88): OK
Kerberos Kpasswd: TCP (464): OK
Kerberos Kpasswd: UDP (464): OK
HTTP Server: Unsecure port (80): OK
HTTP Server: Secure port (443): OK
Connection from master to replica is OK.
ipa : DEBUG Process finished, return code=0
ipa : DEBUG Starting external process
ipa : DEBUG args=/sbin/ip -family inet -oneline address show
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
2: eth0 inet 10.0.3.15/24 brd 10.0.3.255 scope global eth0\ valid_lft forever preferred_lft forever
ipa : DEBUG stderr=
ipa : DEBUG importing all plugin modules in '/usr/lib/python2.7/site-packages/ipalib/plugins'...
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py'
ipa : DEBUG Starting external process
ipa : DEBUG args=klist -V
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=Kerberos 5 version 1.11.3
ipa : DEBUG stderr=
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/xmlclient.py'
ipa : DEBUG importing all plugin modules in '/usr/lib/python2.7/site-packages/ipaserver/install/plugins'...
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/baseupdate.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/dns.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/fix_replica_agreements.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/rename_managed.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_anonymous_aci.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_idranges.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_pacs.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_services.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py'
ipa : DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/upload_cacrt.py'
ipa : DEBUG DS group dirsrv exists
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2_43515088
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ipa.example.com from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ipa.example.com conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x2988d40>
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Created connection context.ldap2
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ipa.example.com from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ipa.example.com conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x45a63f8>
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2
ipa : DEBUG Check forward/reverse DNS resolution
ipa : DEBUG Search DNS server ipa.example.com (['10.0.3.4', '10.0.3.4', '10.0.3.4']) for ipa.example.com
ipa : DEBUG Check reverse address 10.0.3.4 (ipa.example.com)
ipa : DEBUG Address 10.0.3.4 resolves to: ipa.example.com..
ipa : DEBUG Search DNS server ipa.example.com (['10.0.3.4', '10.0.3.4', '10.0.3.4']) for ipa2.example.com
ipa : DEBUG Check reverse address 10.0.3.15 (ipa2.example.com)
ipa : DEBUG Address 10.0.3.15 resolves to: ipa2.example.com..
ipa.ipaserver.plugins.ldap2.ldap2: DEBUG Destroyed connection context.ldap2_43515088
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled chronyd.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=
ipa : DEBUG stderr=Failed to issue method call: No such file or directory
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active chronyd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Configuring NTP daemon (ntpd)
Run connection check to master
Connection check OK
Configuring NTP daemon (ntpd)
ipa : DEBUG [1/4]: stopping ntpd
[1/4]: stopping ntpd
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active ntpd.service
ipa : DEBUG Process finished, return code=3
ipa : DEBUG stdout=unknown
ipa : DEBUG stderr=
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl stop ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [2/4]: writing configuration
[2/4]: writing configuration
ipa : DEBUG Backing up system configuration file '/etc/ntp.conf'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/ntpd'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [3/4]: configuring ntpd to start on boot
[3/4]: configuring ntpd to start on boot
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-enabled ntpd.service
ipa : DEBUG Process finished, return code=1
ipa : DEBUG stdout=disabled
ipa : DEBUG stderr=
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl enable ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=ln -s '/usr/lib/systemd/system/ntpd.service' '/etc/systemd/system/multi-user.target.wants/ntpd.service'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [4/4]: starting ntpd
[4/4]: starting ntpd
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active ntpd.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG Done configuring NTP daemon (ntpd).
Done configuring NTP daemon (ntpd).
ipa : DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Configuring directory server (dirsrv): Estimated time 1 minute
Configuring directory server (dirsrv): Estimated time 1 minute
ipa : DEBUG [1/34]: creating directory server user
[1/34]: creating directory server user
ipa : DEBUG DS user dirsrv exists
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [2/34]: creating directory server instance
[2/34]: creating directory server instance
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG
dn: dc=example,dc=com
objectClass: top
objectClass: domain
objectClass: pilotObject
dc: example
info: IPA V2.0
ipa : DEBUG writing inf template
ipa : DEBUG
[General]
FullMachineName= ipa2.example.com
SuiteSpotUserID= dirsrv
SuiteSpotGroup= dirsrv
ServerRoot= /usr/lib64/dirsrv
[slapd]
ServerPort= 389
ServerIdentifier= EXAMPLE-COM
Suffix= dc=example,dc=com
RootDN= cn=Directory Manager
InstallLdifFile= /var/lib/dirsrv/boot.ldif
inst_dir= /var/lib/dirsrv/scripts-EXAMPLE-COM
ipa : DEBUG calling setup-ds.pl
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpzvNRVC
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=[14/04/02:20:49:53] - [Setup] Info Your new DS instance 'EXAMPLE-COM' was successfully created.
Your new DS instance 'EXAMPLE-COM' was successfully created.
[14/04/02:20:49:53] - [Setup] Success Exiting . . .
Log file is '-'
Exiting . . .
Log file is '-'
ipa : DEBUG stderr=
ipa : DEBUG completed creating ds instance
ipa : DEBUG restarting ds instance
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG done restarting ds instance
ipa : DEBUG duration: 7 seconds
ipa : DEBUG [3/34]: adding default schema
[3/34]: adding default schema
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [4/34]: enabling memberof plugin
[4/34]: enabling memberof plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/memberof-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmp_LANPN
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-pluginenabled:
on
add memberofgroupattr:
memberUser
add memberofgroupattr:
memberHost
modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [5/34]: enabling winsync plugin
[5/34]: enabling winsync plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-winsync-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpmx9LrJ
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipa-winsync
add nsslapd-pluginpath:
libipa_winsync
add nsslapd-plugininitfunc:
ipa_winsync_plugin_init
add nsslapd-pluginDescription:
Allows IPA to work with the DS windows sync feature
add nsslapd-pluginid:
ipa-winsync
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat
add nsslapd-plugintype:
preoperation
add nsslapd-pluginenabled:
on
add nsslapd-plugin-depends-on-type:
database
add ipaWinSyncRealmFilter:
(objectclass=krbRealmContainer)
add ipaWinSyncRealmAttr:
cn
add ipaWinSyncNewEntryFilter:
(cn=ipaConfig)
add ipaWinSyncNewUserOCAttr:
ipauserobjectclasses
add ipaWinSyncUserFlatten:
true
add ipaWinsyncHomeDirAttr:
ipaHomesRootDir
add ipaWinsyncLoginShellAttr:
ipaDefaultLoginShell
add ipaWinSyncDefaultGroupAttr:
ipaDefaultPrimaryGroup
add ipaWinSyncDefaultGroupFilter:
(gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames)
add ipaWinSyncAcctDisable:
both
add ipaWinSyncForceSync:
true
add ipaWinSyncUserAttr:
uidNumber -1
gidNumber -1
adding new entry "cn=ipa-winsync,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [6/34]: configuring replication version plugin
[6/34]: configuring replication version plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/version-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpYGD8mY
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA Version Replication
add nsslapd-pluginpath:
libipa_repl_version
add nsslapd-plugininitfunc:
repl_version_plugin_init
add nsslapd-plugintype:
preoperation
add nsslapd-pluginenabled:
off
add nsslapd-pluginid:
ipa_repl_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA Replication version plugin
add nsslapd-plugin-depends-on-type:
database
add nsslapd-plugin-depends-on-named:
Multimaster Replication Plugin
adding new entry "cn=IPA Version Replication,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [7/34]: enabling IPA enrollment plugin
[7/34]: enabling IPA enrollment plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmppZp97h -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpkR3OSl
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipa_enrollment_extop
add nsslapd-pluginpath:
libipa_enrollment_extop
add nsslapd-plugininitfunc:
ipaenrollment_init
add nsslapd-plugintype:
extendedop
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_enrollment_extop
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
RedHat
add nsslapd-plugindescription:
Enroll hosts into the IPA domain
add nsslapd-plugin-depends-on-type:
database
add nsslapd-realmTree:
dc=example,dc=com
adding new entry "cn=ipa_enrollment_extop,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [8/34]: enabling ldapi
[8/34]: enabling ldapi
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpCnHH53 -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpQHZklb
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-ldapilisten:
on
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [9/34]: configuring uniqueness plugin
[9/34]: configuring uniqueness plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpGppfdL -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmp_58cPW
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
krbPrincipalName uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add nsslapd-pluginarg0:
krbPrincipalName
add nsslapd-pluginarg1:
dc=example,dc=com
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
adding new entry "cn=krbPrincipalName uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
krbCanonicalName uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add nsslapd-pluginarg0:
krbCanonicalName
add nsslapd-pluginarg1:
dc=example,dc=com
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
adding new entry "cn=krbCanonicalName uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
netgroup uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add nsslapd-pluginarg0:
cn
add nsslapd-pluginarg1:
cn=ng,cn=alt,dc=example,dc=com
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
adding new entry "cn=netgroup uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
ipaUniqueID uniqueness
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add nsslapd-pluginarg0:
ipaUniqueID
add nsslapd-pluginarg1:
dc=example,dc=com
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
add nsslapd-pluginDescription:
Enforce unique attribute values
adding new entry "cn=ipaUniqueID uniqueness,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsSlapdPlugin
extensibleObject
add cn:
sudorule name uniqueness
add nsslapd-pluginDescription:
Enforce unique attribute values
add nsslapd-pluginPath:
libattr-unique-plugin
add nsslapd-pluginInitfunc:
NSUniqueAttr_Init
add nsslapd-pluginType:
preoperation
add nsslapd-pluginEnabled:
on
add nsslapd-pluginarg0:
cn
add nsslapd-pluginarg1:
cn=sudorules,cn=sudo,dc=example,dc=com
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginId:
NSUniqueAttr
add nsslapd-pluginVersion:
1.1.0
add nsslapd-pluginVendor:
Fedora Project
adding new entry "cn=sudorule name uniqueness,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [10/34]: configuring uuid plugin
[10/34]: configuring uuid plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/uuid-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpNzxuIq
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA UUID
add nsslapd-pluginpath:
libipa_uuid
add nsslapd-plugininitfunc:
ipauuid_init
add nsslapd-plugintype:
preoperation
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipauuid_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA UUID plugin
add nsslapd-plugin-depends-on-type:
database
adding new entry "cn=IPA UUID,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp7sLQA6 -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpcz8pfh
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
extensibleObject
add cn:
IPA Unique IDs
add ipaUuidAttr:
ipaUniqueID
add ipaUuidMagicRegen:
autogenerate
add ipaUuidFilter:
(|(objectclass=ipaObject)(objectclass=ipaAssociation))
add ipaUuidScope:
dc=example,dc=com
add ipaUuidEnforce:
TRUE
adding new entry "cn=IPA Unique IDs,cn=IPA UUID,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [11/34]: configuring modrdn plugin
[11/34]: configuring modrdn plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/modrdn-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmp9fKZ7S
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA MODRDN
add nsslapd-pluginpath:
libipa_modrdn
add nsslapd-plugininitfunc:
ipamodrdn_init
add nsslapd-plugintype:
betxnpostoperation
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipamodrdn_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA MODRDN plugin
add nsslapd-plugin-depends-on-type:
database
add nsslapd-pluginPrecedence:
60
adding new entry "cn=IPA MODRDN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmprHFkAn -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpy_EzLr
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
extensibleObject
add cn:
Kerberos Principal Name
add ipaModRDNsourceAttr:
uid
add ipaModRDNtargetAttr:
krbPrincipalName
add ipaModRDNsuffix:
@EXAMPLE.COM
add ipaModRDNfilter:
(&(objectclass=posixaccount)(objectclass=krbPrincipalAux))
add ipaModRDNscope:
dc=example,dc=com
adding new entry "cn=Kerberos Principal Name,cn=IPA MODRDN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [12/34]: configuring DNS plugin
[12/34]: configuring DNS plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-dns-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpPzDbZX
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsslapdPlugin
extensibleObject
add cn:
IPA DNS
add nsslapd-plugindescription:
IPA DNS support plugin
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipa_dns
add nsslapd-plugininitfunc:
ipadns_init
add nsslapd-pluginpath:
libipa_dns.so
add nsslapd-plugintype:
preoperation
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-pluginversion:
1.0
add nsslapd-plugin-depends-on-type:
database
adding new entry "cn=IPA DNS,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [13/34]: enabling entryUSN plugin
[13/34]: enabling entryUSN plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/entryusn.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpinCxBW
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-entryusn-global:
on
modifying entry "cn=config"
modify complete
replace nsslapd-entryusn-import-initval:
next
modifying entry "cn=config"
modify complete
replace nsslapd-pluginenabled:
on
modifying entry "cn=USN,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [14/34]: configuring lockout plugin
[14/34]: configuring lockout plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/lockout-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmp6RuKIC
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectclass:
top
nsSlapdPlugin
extensibleObject
add cn:
IPA Lockout
add nsslapd-pluginpath:
libipa_lockout
add nsslapd-plugininitfunc:
ipalockout_init
add nsslapd-plugintype:
object
add nsslapd-pluginenabled:
on
add nsslapd-pluginid:
ipalockout_version
add nsslapd-pluginversion:
1.0
add nsslapd-pluginvendor:
Red Hat, Inc.
add nsslapd-plugindescription:
IPA Lockout plugin
add nsslapd-plugin-depends-on-type:
database
adding new entry "cn=IPA Lockout,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [15/34]: creating indices
[15/34]: creating indices
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/indices.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpeRyavO
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
top
nsIndex
add cn:
krbPrincipalName
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=krbPrincipalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
ou
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=ou,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
carLicense
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=carLicense,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
title
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=title,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
manager
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=manager,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
secretary
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=secretary,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
displayname
add nsSystemIndex:
false
add nsIndexType:
eq
sub
adding new entry "cn=displayname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add nsIndexType:
sub
modifying entry "cn=uid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
uidnumber
add nsSystemIndex:
false
add nsIndexType:
eq
add nsMatchingRule:
integerOrderingMatch
adding new entry "cn=uidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add objectClass:
top
nsIndex
add cn:
gidnumber
add nsSystemIndex:
false
add nsIndexType:
eq
add nsMatchingRule:
integerOrderingMatch
adding new entry "cn=gidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
replace nsIndexType:
eq,pres
modifying entry "cn=ntUniqueId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
replace nsIndexType:
eq,pres
modifying entry "cn=ntUserDomainId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add ObjectClass:
top
nsIndex
add cn:
fqdn
add nsSystemIndex:
false
add nsIndexType:
eq
pres
adding new entry "cn=fqdn,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add ObjectClass:
top
nsIndex
add cn:
macAddress
add nsSystemIndex:
false
add nsIndexType:
eq
pres
adding new entry "cn=macAddress,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberHost
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberHost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberUser
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberUser,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
sourcehost
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=sourcehost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberservice
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberservice,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
managedby
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=managedby,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberallowcmd
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberallowcmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
memberdenycmd
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=memberdenycmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipasudorunas
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=ipasudorunas,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipasudorunasgroup
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
pres
sub
adding new entry "cn=ipasudorunasgroup,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
automountkey
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
adding new entry "cn=automountkey,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipakrbprincipalalias
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
adding new entry "cn=ipakrbprincipalalias,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
add cn:
ipauniqueid
add ObjectClass:
top
nsIndex
add nsSystemIndex:
false
add nsIndexType:
eq
adding new entry "cn=ipauniqueid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [16/34]: enabling referential integrity plugin
[16/34]: enabling referential integrity plugin
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/referint-conf.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpMesUIg
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-pluginenabled:
on
add nsslapd-pluginArg7:
manager
add nsslapd-pluginArg8:
secretary
add nsslapd-pluginArg9:
memberuser
add nsslapd-pluginArg10:
memberhost
add nsslapd-pluginArg11:
sourcehost
add nsslapd-pluginArg12:
memberservice
add nsslapd-pluginArg13:
managedby
add nsslapd-pluginArg14:
memberallowcmd
add nsslapd-pluginArg15:
memberdenycmd
add nsslapd-pluginArg16:
ipasudorunas
add nsslapd-pluginArg17:
ipasudorunasgroup
modifying entry "cn=referential integrity postoperation,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [17/34]: configuring ssl for ds instance
[17/34]: configuring ssl for ds instance
ipa : DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -N -f /etc/dirsrv/slapd-EXAMPLE-COM//pwdfile.txt
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/pk12util -d /etc/dirsrv/slapd-EXAMPLE-COM/ -i /tmp/tmpV3iDtbipa/realm_info/dscert.p12 -k /etc/dirsrv/slapd-EXAMPLE-COM//pwdfile.txt -v -w /dev/stdin
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=pk12util: PKCS12 IMPORT SUCCESSFUL
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
Server-Cert u,u,u
EXAMPLE.COM IPA CA ,,
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -A -n CA -t CT,CT, -a
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
Server-Cert u,u,u
EXAMPLE.COM IPA CA CT,C,
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -M -n EXAMPLE.COM IPA CA -t CT,CT,
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -O -n Server-Cert
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout="EXAMPLE.COM IPA CA" [CN=Certificate Authority,O=EXAMPLE.COM]
"Server-Cert" [CN=ipa2.example.com,O=EXAMPLE.COM]
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L -n EXAMPLE.COM IPA CA -a
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=-----BEGIN CERTIFICATE-----
MIIDpzCCAo+gAwIBAgIBATANBgkqhkiG9w0BAQsFADA+MRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
HhcNMTMwNzE3MjAxNDM0WhcNMzMwNzE3MjAxNDM0WjA+MRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzqQ3ASw9Dy3+aUW+I9coF
EVzTZLN76NgbGCV8eHypQw/uHtYP2815xG+9UnYo/rU4yk+MA+8yyU8Pl/Zf3cW4
lweIbQUdWIeqFCuqUSKA87/33owgR6Vw7pVvpFahxlyPlkm4ea8o5T+ShqbaEDGl
nIQQOdu0ntrZzSnks2f4OXDlc72E9ynvaaP2rwGaCLpNd7h/4m6HwRU+e2n+G8WR
ZcmH9CSbnLA7P5UIw71/ryrW5fK88YtR1xlCxqGc0xIJ5J5w1rZsDbvbz1PZlAvj
FiLTbYxP6OBvxN2H+AWT/sCpu/KFh17XzboBeXWiJqaJcjSXs4tJPmym772l9qs1
AgMBAAGjga8wgawwHwYDVR0jBBgwFoAUEnr2QUuzwrqpDTdbGeVX7NdncicwDwYD
VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0OBBYEFBJ69kFLs8K6
qQ03WxnlV+zXZ3InMEkGCCsGAQUFBwEBBD0wOzA5BggrBgEFBQcwAYYtaHR0cDov
L2Nocm9ub3MuYnV0dGVyZmx5bmV0aW5jLmNvbTo4MC9jYS9vY3NwMA0GCSqGSIb3
DQEBCwUAA4IBAQB73I1uCktlr8FPt/PsL+1uVGjopk1FBOKc3z3v7VJjaCFj/v5K
VR5EV593ezXGZiK0jk509rzZDVmfBt+l5PvRbo2hvU6VqDRBj9Ui/if2nH+KjV8E
XvaceZClE4qmX4gjywD5OyrJxd3z7k4pwVjUZ1dY/TXe/0aoRk3wSKxJyHNe5uT+
5OkZkdGm2qxTPWSVGVobKN+Bxon5ESk4YXZXb2jriSxl4T2au/S0JXOfScg4uasy
ZZKhVbCGI7uvC5ZoyEX9IGGGE+EuAdh2WdXAqztKAkBHttHU65y0DnrBCGOIyuec
oMo3psqd5Yr+pUNKpE1buCDscPmFV+DQIyn2
-----END CERTIFICATE-----
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L -n Server-Cert -a
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=-----BEGIN CERTIFICATE-----
MIIEOjCCAyKgAwIBAgIBczANBgkqhkiG9w0BAQsFADA+MRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
HhcNMTQwNDAxMjAyNzUyWhcNMTYwNDAxMjAyNzUyWjBFMRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMSUwIwYDVQQDExxjaHJvbm9zMy5idXR0ZXJmbHluZXRp
bmMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz3sUUMB7UDc
G8Qopxg/hAk8r9s4nGfpw5MVcnhsQs5rVWhhv9CA8+QVGuqyGsii9b4MT916urfJ
yBiGE+5zG0qhhOOQxmjkxoyHFpobTkWM6b5pehWDJilaIa2p193n/LKD51RiVuDU
SbEQHCITEXM9dUVhBAYxf1zEzQzJ4AX/OmPLeDqYX+H+m0m0NFK+wqnGnMGBeyv0
kFBckBHbUhRg2uxlb05y4FDXSyCVehAfvhieE3Ssah4IJfTOD5goYFDvDcfTI3OQ
URWLWnoP1nabJgZ0me+5oU0HK6/rCvyGhR1cknextL0UZ+YM6Io0YA7Yz7IKxjCI
ZcuPuypwhQIDAQABo4IBOjCCATYwHwYDVR0jBBgwFoAUEnr2QUuzwrqpDTdbGeVX
7NdncicwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vaXBhLWNh
LmJ1dHRlcmZseW5ldGluYy5jb20vY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMH4GA1UdHwR3MHUwc6A7oDmGN2h0
dHA6Ly9pcGEtY2EuYnV0dGVyZmx5bmV0aW5jLmNvbS9pcGEvY3JsL01hc3RlckNS
TC5iaW6iNKQyMDAxDjAMBgNVBAoTBWlwYWNhMR4wHAYDVQQDExVDZXJ0aWZpY2F0
ZSBBdXRob3JpdHkwHQYDVR0OBBYEFPpSXuoMvECrQ6NBZonQQfhj9pSrMA0GCSqG
SIb3DQEBCwUAA4IBAQAUoxPZSGLhqyCcBj+6oHxswpeKyhkfIzSYLHCiqAY5VbcD
cc7V7kEx39+cWMy0hhwpejCPFA/CWzf1lIJ49jS1z36beKMRrqZvRHqnXM0cctcO
6gygdBFx7+9+5hKil0LQIoLF+NAH31JEql0ooqGapC6Vjd7bddtx1eOZDTYL+JmG
dSTH6oLp4MF/AwBolhM/wg/03udiJtkad4eX7LQovewjO5nPBr8ZhJ1cArA6EYYK
dPNzJA9/3oyx+imEtOl6p2KclLSBMECKw7qXxpt2XZi/+hAgjk32kGbWPzO4igLL
dtkUxUAUwMtPmBadTLf61iwwuNFhPsIGhgR6DSFx
-----END CERTIFICATE-----
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
Server-Cert u,u,u
EXAMPLE.COM IPA CA CT,C,
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L -n Server-Cert -a
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=-----BEGIN CERTIFICATE-----
MIIEOjCCAyKgAwIBAgIBczANBgkqhkiG9w0BAQsFADA+MRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
HhcNMTQwNDAxMjAyNzUyWhcNMTYwNDAxMjAyNzUyWjBFMRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMSUwIwYDVQQDExxjaHJvbm9zMy5idXR0ZXJmbHluZXRp
bmMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz3sUUMB7UDc
G8Qopxg/hAk8r9s4nGfpw5MVcnhsQs5rVWhhv9CA8+QVGuqyGsii9b4MT916urfJ
yBiGE+5zG0qhhOOQxmjkxoyHFpobTkWM6b5pehWDJilaIa2p193n/LKD51RiVuDU
SbEQHCITEXM9dUVhBAYxf1zEzQzJ4AX/OmPLeDqYX+H+m0m0NFK+wqnGnMGBeyv0
kFBckBHbUhRg2uxlb05y4FDXSyCVehAfvhieE3Ssah4IJfTOD5goYFDvDcfTI3OQ
URWLWnoP1nabJgZ0me+5oU0HK6/rCvyGhR1cknextL0UZ+YM6Io0YA7Yz7IKxjCI
ZcuPuypwhQIDAQABo4IBOjCCATYwHwYDVR0jBBgwFoAUEnr2QUuzwrqpDTdbGeVX
7NdncicwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vaXBhLWNh
LmJ1dHRlcmZseW5ldGluYy5jb20vY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMH4GA1UdHwR3MHUwc6A7oDmGN2h0
dHA6Ly9pcGEtY2EuYnV0dGVyZmx5bmV0aW5jLmNvbS9pcGEvY3JsL01hc3RlckNS
TC5iaW6iNKQyMDAxDjAMBgNVBAoTBWlwYWNhMR4wHAYDVQQDExVDZXJ0aWZpY2F0
ZSBBdXRob3JpdHkwHQYDVR0OBBYEFPpSXuoMvECrQ6NBZonQQfhj9pSrMA0GCSqG
SIb3DQEBCwUAA4IBAQAUoxPZSGLhqyCcBj+6oHxswpeKyhkfIzSYLHCiqAY5VbcD
cc7V7kEx39+cWMy0hhwpejCPFA/CWzf1lIJ49jS1z36beKMRrqZvRHqnXM0cctcO
6gygdBFx7+9+5hKil0LQIoLF+NAH31JEql0ooqGapC6Vjd7bddtx1eOZDTYL+JmG
dSTH6oLp4MF/AwBolhM/wg/03udiJtkad4eX7LQovewjO5nPBr8ZhJ1cArA6EYYK
dPNzJA9/3oyx+imEtOl6p2KclLSBMECKw7qXxpt2XZi/+hAgjk32kGbWPzO4igLL
dtkUxUAUwMtPmBadTLf61iwwuNFhPsIGhgR6DSFx
-----END CERTIFICATE-----
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl enable certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=ln -s '/usr/lib/systemd/system/certmonger.service' '/etc/systemd/system/multi-user.target.wants/certmonger.service'
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start messagebus.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active messagebus.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -L -d /etc/dirsrv/slapd-EXAMPLE-COM -n Server-Cert
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115 (0x73)
Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
Issuer: "CN=Certificate Authority,O=EXAMPLE.COM"
Validity:
Not Before: Tue Apr 01 20:27:52 2014
Not After : Fri Apr 01 20:27:52 2016
Subject: "CN=ipa2.example.com,O=EXAMPLE.COM"
Subject Public Key Info:
Public Key Algorithm: PKCS #1 RSA Encryption
RSA Public Key:
Modulus:
c7:3d:ec:51:43:01:ed:40:dc:1b:c4:28:a7:18:3f:84:
09:3c:af:db:38:9c:67:e9:c3:93:15:72:78:6c:42:ce:
6b:55:68:61:bf:d0:80:f3:e4:15:1a:ea:b2:1a:c8:a2:
f5:be:0c:4f:dd:7a:ba:b7:c9:c8:18:86:13:ee:73:1b:
4a:a1:84:e3:90:c6:68:e4:c6:8c:87:16:9a:1b:4e:45:
8c:e9:be:69:7a:15:83:26:29:5a:21:ad:a9:d7:dd:e7:
fc:b2:83:e7:54:62:56:e0:d4:49:b1:10:1c:22:13:11:
73:3d:75:45:61:04:06:31:7f:5c:c4:cd:0c:c9:e0:05:
ff:3a:63:cb:78:3a:98:5f:e1:fe:9b:49:b4:34:52:be:
c2:a9:c6:9c:c1:81:7b:2b:f4:90:50:5c:90:11:db:52:
14:60:da:ec:65:6f:4e:72:e0:50:d7:4b:20:95:7a:10:
1f:be:18:9e:13:74:ac:6a:1e:08:25:f4:ce:0f:98:28:
60:50:ef:0d:c7:d3:23:73:90:51:15:8b:5a:7a:0f:d6:
76:9b:26:06:74:99:ef:b9:a1:4d:07:2b:af:eb:0a:fc:
86:85:1d:5c:92:77:b1:b4:bd:14:67:e6:0c:e8:8a:34:
60:0e:d8:cf:b2:0a:c6:30:88:65:cb:8f:bb:2a:70:85
Exponent: 65537 (0x10001)
Signed Extensions:
Name: Certificate Authority Key Identifier
Key ID:
12:7a:f6:41:4b:b3:c2:ba:a9:0d:37:5b:19:e5:57:ec:
d7:67:72:27
Name: Authority Information Access
Method: PKIX Online Certificate Status Protocol
Location:
URI: "http://ipa-ca.example.com/ca/ocsp"
Name: Certificate Key Usage
Critical: True
Usages: Digital Signature
Non-Repudiation
Key Encipherment
Data Encipherment
Name: Extended Key Usage
TLS Web Server Authentication Certificate
TLS Web Client Authentication Certificate
Name: CRL Distribution Points
Distribution point:
URI: "http://ipa-ca.example.com/ipa/crl/MasterCRL.bin"
CRL issuer:
Directory Name: "CN=Certificate Authority,O=ipaca"
Name: Certificate Subject Key ID
Data:
fa:52:5e:ea:0c:bc:40:ab:43:a3:41:66:89:d0:41:f8:
63:f6:94:ab
Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
Signature:
14:a3:13:d9:48:62:e1:ab:20:9c:06:3f:ba:a0:7c:6c:
c2:97:8a:ca:19:1f:23:34:98:2c:70:a2:a8:06:39:55:
b7:03:71:ce:d5:ee:41:31:df:df:9c:58:cc:b4:86:1c:
29:7a:30:8f:14:0f:c2:5b:37:f5:94:82:78:f6:34:b5:
cf:7e:9b:78:a3:11:ae:a6:6f:44:7a:a7:5c:cd:1c:72:
d7:0e:ea:0c:a0:74:11:71:ef:ef:7e:e6:12:a2:97:42:
d0:22:82:c5:f8:d0:07:df:52:44:aa:5d:28:a2:a1:9a:
a4:2e:95:8d:de:db:75:db:71:d5:e3:99:0d:36:0b:f8:
99:86:75:24:c7:ea:82:e9:e0:c1:7f:03:00:68:96:13:
3f:c2:0f:f4:de:e7:62:26:d9:1a:77:87:97:ec:b4:28:
bd:ec:23:3b:99:cf:06:bf:19:84:9d:5c:02:b0:3a:11:
86:0a:74:f3:73:24:0f:7f:de:8c:b1:fa:29:84:b4:e9:
7a:a7:62:9c:94:b4:81:30:40:8a:c3:ba:97:c6:9b:76:
5d:98:bf:fa:10:20:8e:4d:f6:90:66:d6:3f:33:b8:8a:
02:cb:76:d9:14:c5:40:14:c0:cb:4f:98:16:9d:4c:b7:
fa:d6:2c:30:b8:d1:61:3e:c2:06:86:04:7a:0d:21:71
Fingerprint (MD5):
0B:C9:2A:B9:F9:CB:8D:0B:EB:4B:FA:93:17:F4:E0:ED
Fingerprint (SHA1):
25:78:C7:AC:F4:25:AA:5F:64:7C:B8:10:83:46:51:EC:D9:94:B0:B1
Certificate Trust Flags:
SSL Flags:
User
Email Flags:
User
Object Signing Flags:
User
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ipa-getcert start-tracking -d /etc/dirsrv/slapd-EXAMPLE-COM -n Server-Cert -p /etc/dirsrv/slapd-EXAMPLE-COM/pwdfile.txt -C /usr/lib64/ipa/certmonger/restart_dirsrv EXAMPLE-COM
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=New tracking request "20140402204959" added.
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl stop certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-EXAMPLE-COM/ -L -n Server-Cert -a
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=-----BEGIN CERTIFICATE-----
MIIEOjCCAyKgAwIBAgIBczANBgkqhkiG9w0BAQsFADA+MRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
HhcNMTQwNDAxMjAyNzUyWhcNMTYwNDAxMjAyNzUyWjBFMRwwGgYDVQQKExNCVVRU
RVJGTFlORVRJTkMuQ09NMSUwIwYDVQQDExxjaHJvbm9zMy5idXR0ZXJmbHluZXRp
bmMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz3sUUMB7UDc
G8Qopxg/hAk8r9s4nGfpw5MVcnhsQs5rVWhhv9CA8+QVGuqyGsii9b4MT916urfJ
yBiGE+5zG0qhhOOQxmjkxoyHFpobTkWM6b5pehWDJilaIa2p193n/LKD51RiVuDU
SbEQHCITEXM9dUVhBAYxf1zEzQzJ4AX/OmPLeDqYX+H+m0m0NFK+wqnGnMGBeyv0
kFBckBHbUhRg2uxlb05y4FDXSyCVehAfvhieE3Ssah4IJfTOD5goYFDvDcfTI3OQ
URWLWnoP1nabJgZ0me+5oU0HK6/rCvyGhR1cknextL0UZ+YM6Io0YA7Yz7IKxjCI
ZcuPuypwhQIDAQABo4IBOjCCATYwHwYDVR0jBBgwFoAUEnr2QUuzwrqpDTdbGeVX
7NdncicwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vaXBhLWNh
LmJ1dHRlcmZseW5ldGluYy5jb20vY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMH4GA1UdHwR3MHUwc6A7oDmGN2h0
dHA6Ly9pcGEtY2EuYnV0dGVyZmx5bmV0aW5jLmNvbS9pcGEvY3JsL01hc3RlckNS
TC5iaW6iNKQyMDAxDjAMBgNVBAoTBWlwYWNhMR4wHAYDVQQDExVDZXJ0aWZpY2F0
ZSBBdXRob3JpdHkwHQYDVR0OBBYEFPpSXuoMvECrQ6NBZonQQfhj9pSrMA0GCSqG
SIb3DQEBCwUAA4IBAQAUoxPZSGLhqyCcBj+6oHxswpeKyhkfIzSYLHCiqAY5VbcD
cc7V7kEx39+cWMy0hhwpejCPFA/CWzf1lIJ49jS1z36beKMRrqZvRHqnXM0cctcO
6gygdBFx7+9+5hKil0LQIoLF+NAH31JEql0ooqGapC6Vjd7bddtx1eOZDTYL+JmG
dSTH6oLp4MF/AwBolhM/wg/03udiJtkad4eX7LQovewjO5nPBr8ZhJ1cArA6EYYK
dPNzJA9/3oyx+imEtOl6p2KclLSBMECKw7qXxpt2XZi/+hAgjk32kGbWPzO4igLL
dtkUxUAUwMtPmBadTLf61iwwuNFhPsIGhgR6DSFx
-----END CERTIFICATE-----
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl start certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active certmonger.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldap://ipa2.example.com:389 from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldap://ipa2.example.com:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x2a48950>
ipa : DEBUG duration: 10 seconds
ipa : DEBUG [18/34]: configuring certmap.conf
[18/34]: configuring certmap.conf
ipa : DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state'
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [19/34]: configure autobind for root
[19/34]: configure autobind for root
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/root-autobind.ldif -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpzb6zKB
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add objectClass:
extensibleObject
top
add cn:
root-autobind
add uidNumber:
0
add gidNumber:
0
adding new entry "cn=root-autobind,cn=config"
modify complete
replace nsslapd-ldapiautobind:
on
modifying entry "cn=config"
modify complete
replace nsslapd-ldapimaptoentries:
on
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [20/34]: configure new location for managed entries
[20/34]: configure new location for managed entries
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpb6Uy_z -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpUMIc_m
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=add nsslapd-pluginConfigArea:
cn=Definitions,cn=Managed Entries,cn=etc,dc=example,dc=com
modifying entry "cn=Managed Entries,cn=plugins,cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [21/34]: configure dirsrv ccache
[21/34]: configure dirsrv ccache
ipa : DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv'
ipa : DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/selinuxenabled
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/sbin/restorecon /etc/sysconfig/dirsrv
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [22/34]: enable SASL mapping fallback
[22/34]: enable SASL mapping fallback
ipa : DEBUG Starting external process
ipa : DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpa8svse -H ldap://ipa2.example.com:389 -x -D cn=Directory Manager -y /tmp/tmpBayUy6
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=replace nsslapd-sasl-mapping-fallback:
on
modifying entry "cn=config"
modify complete
ipa : DEBUG stderr=ldap_initialize( ldap://ipa2.example.com:389/??base )
ipa : DEBUG duration: 0 seconds
ipa : DEBUG [23/34]: restarting directory server
[23/34]: restarting directory server
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG duration: 2 seconds
ipa : DEBUG [24/34]: setting up initial replication
[24/34]: setting up initial replication
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldapi://%2fvar%2frun%2fslapd-EXAMPLE-COM.socket from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-EXAMPLE-COM.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x2a48b00>
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl --system daemon-reload
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl restart dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=
ipa : DEBUG stderr=
ipa : DEBUG Starting external process
ipa : DEBUG args=/bin/systemctl is-active dirsrv@EXAMPLE-COM.service
ipa : DEBUG Process finished, return code=0
ipa : DEBUG stdout=active
ipa : DEBUG stderr=
ipa : DEBUG wait_for_open_ports: localhost [389] timeout 300
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldap://ipa.example.com:389 from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldap://ipa.example.com:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x47a62d8>
ipa.ipapython.ipaldap.SchemaCache: DEBUG flushing ldaps://ipa2.example.com:636 from SchemaCache
ipa.ipapython.ipaldap.SchemaCache: DEBUG retrieving schema for SchemaCache url=ldaps://ipa2.example.com:636 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x45732d8>
Starting replication, please wait until this has completed.
Update in progress, 1 seconds elapsed
Update in progress, 2 seconds elapsed
Update in progress, 3 seconds elapsedipa : DEBUG File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 638, in run_script
return_value = main_function()
File "/sbin/ipa-replica-install", line 663, in main
ds = install_replica_ds(config)
File "/sbin/ipa-replica-install", line 188, in install_replica_ds
ca_file=config.dir + "/ca.crt",
File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 360, in create_replica
self.start_creation(runtime=60)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 364, in start_creation
method()
File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 373, in __setup_replica
r_bindpw=self.dm_password)
File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 961, in setup_replication
raise RuntimeError("Failed to start replication")
ipa : DEBUG The ipa-replica-install command failed, exception: RuntimeError: Failed to start replication
Failed to start replication
[ipa.example.com] reports: Update failed! Status: [-1 Total update abortedLDAP error: Can't contact LDAP server]
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
Raw
ipa2-access
[03/Apr/2014:02:46:27 +0000] conn=123 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.15
[03/Apr/2014:02:46:27 +0000] conn=123 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[03/Apr/2014:02:46:27 +0000] conn=123 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:46:27 +0000] conn=123 SSL 256-bit AES
[03/Apr/2014:02:46:27 +0000] conn=123 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[03/Apr/2014:02:46:27 +0000] conn=123 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[03/Apr/2014:02:46:27 +0000] conn=123 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:46:27 +0000] conn=123 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:46:27 +0000] conn=123 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:46:27 +0000] conn=123 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:46:27 +0000] conn=123 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:46:27 +0000] conn=123 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:46:28 +0000] conn=123 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:46:28 +0000] conn=123 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:46:28 +0000] conn=123 op=6 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:46:28 +0000] conn=123 op=6 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:46:29 +0000] conn=123 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:46:29 +0000] conn=123 op=7 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:47:29 +0000] conn=123 op=8 UNBIND
[03/Apr/2014:02:47:29 +0000] conn=123 op=8 fd=64 closed - U1
[03/Apr/2014:02:50:10 +0000] conn=124 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.15
[03/Apr/2014:02:50:10 +0000] conn=124 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[03/Apr/2014:02:50:10 +0000] conn=124 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:50:10 +0000] conn=124 SSL 256-bit AES
[03/Apr/2014:02:50:10 +0000] conn=124 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[03/Apr/2014:02:50:10 +0000] conn=124 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[03/Apr/2014:02:50:10 +0000] conn=124 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:50:10 +0000] conn=124 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:50:10 +0000] conn=124 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:50:10 +0000] conn=124 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:50:10 +0000] conn=124 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:50:10 +0000] conn=124 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:50:11 +0000] conn=124 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:50:11 +0000] conn=124 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:50:11 +0000] conn=124 op=6 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:50:11 +0000] conn=124 op=6 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:50:12 +0000] conn=124 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:50:12 +0000] conn=124 op=7 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:51:12 +0000] conn=124 op=8 UNBIND
[03/Apr/2014:02:51:12 +0000] conn=124 op=8 fd=64 closed - U1
[03/Apr/2014:02:52:48 +0000] conn=125 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.15
[03/Apr/2014:02:52:48 +0000] conn=125 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[03/Apr/2014:02:52:48 +0000] conn=125 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:52:48 +0000] conn=125 SSL 256-bit AES
[03/Apr/2014:02:52:48 +0000] conn=125 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[03/Apr/2014:02:52:48 +0000] conn=125 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[03/Apr/2014:02:52:48 +0000] conn=125 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:52:48 +0000] conn=125 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:52:48 +0000] conn=125 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:52:48 +0000] conn=125 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:52:48 +0000] conn=125 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:52:48 +0000] conn=125 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:52:49 +0000] conn=125 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:52:49 +0000] conn=125 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:52:49 +0000] conn=125 op=6 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:52:49 +0000] conn=125 op=6 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:52:50 +0000] conn=125 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:52:50 +0000] conn=125 op=7 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:53:51 +0000] conn=125 op=8 UNBIND
[03/Apr/2014:02:53:51 +0000] conn=125 op=8 fd=64 closed - U1
[03/Apr/2014:02:53:52 +0000] conn=126 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.15
[03/Apr/2014:02:53:52 +0000] conn=126 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[03/Apr/2014:02:53:52 +0000] conn=126 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:53:52 +0000] conn=126 SSL 256-bit AES
[03/Apr/2014:02:53:52 +0000] conn=126 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[03/Apr/2014:02:53:52 +0000] conn=126 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[03/Apr/2014:02:53:52 +0000] conn=126 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:53:52 +0000] conn=126 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:53:52 +0000] conn=126 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:53:52 +0000] conn=126 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:53:52 +0000] conn=126 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:53:52 +0000] conn=126 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:53:53 +0000] conn=126 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:53:53 +0000] conn=126 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:53:53 +0000] conn=126 op=6 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:53:53 +0000] conn=126 op=6 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:53:54 +0000] conn=126 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:53:54 +0000] conn=126 op=7 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:54:55 +0000] conn=126 op=8 UNBIND
[03/Apr/2014:02:54:55 +0000] conn=126 op=8 fd=64 closed - U1
[03/Apr/2014:02:55:09 +0000] conn=127 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.15
[03/Apr/2014:02:55:09 +0000] conn=127 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[03/Apr/2014:02:55:09 +0000] conn=127 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:55:09 +0000] conn=127 SSL 256-bit AES
[03/Apr/2014:02:55:09 +0000] conn=127 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[03/Apr/2014:02:55:09 +0000] conn=127 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[03/Apr/2014:02:55:09 +0000] conn=127 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:55:09 +0000] conn=127 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:55:09 +0000] conn=127 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:02:55:09 +0000] conn=127 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:02:55:09 +0000] conn=127 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:55:09 +0000] conn=127 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:55:10 +0000] conn=127 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:55:10 +0000] conn=127 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:55:10 +0000] conn=127 op=6 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:02:55:10 +0000] conn=127 op=6 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:55:11 +0000] conn=127 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:02:55:11 +0000] conn=127 op=7 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:02:56:12 +0000] conn=127 op=8 UNBIND
[03/Apr/2014:02:56:12 +0000] conn=127 op=8 fd=64 closed - U1
[03/Apr/2014:03:00:11 +0000] conn=128 fd=64 slot=64 connection from 10.0.3.4 to 10.0.3.15
[03/Apr/2014:03:00:11 +0000] conn=128 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[03/Apr/2014:03:00:11 +0000] conn=128 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:00:11 +0000] conn=128 SSL 256-bit AES
[03/Apr/2014:03:00:11 +0000] conn=128 op=1 BIND dn="cn=replication manager,cn=config" method=128 version=3
[03/Apr/2014:03:00:11 +0000] conn=128 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config"
[03/Apr/2014:03:00:11 +0000] conn=128 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:03:00:11 +0000] conn=128 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:03:00:11 +0000] conn=128 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[03/Apr/2014:03:00:11 +0000] conn=128 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[03/Apr/2014:03:00:11 +0000] conn=128 op=4 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:03:00:11 +0000] conn=128 op=4 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:00:12 +0000] conn=128 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:03:00:12 +0000] conn=128 op=5 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:00 +0000] conn=128 op=6 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:03:01:00 +0000] conn=128 op=6 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:01 +0000] conn=128 op=8 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:03:01:01 +0000] conn=128 op=8 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:01 +0000] conn=128 op=9 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:03:01:01 +0000] conn=128 op=9 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:02 +0000] conn=128 op=10 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:03:01:02 +0000] conn=128 op=10 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:02 +0000] conn=128 op=11 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:03:01:02 +0000] conn=128 op=11 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:03 +0000] conn=128 op=12 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:03:01:03 +0000] conn=128 op=12 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:03 +0000] conn=128 op=13 EXT oid="2.16.840.1.113730.3.5.12" name="replication-multimaster-extop"
[03/Apr/2014:03:01:03 +0000] conn=128 op=13 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:01:04 +0000] conn=128 op=14 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session"
[03/Apr/2014:03:01:04 +0000] conn=128 op=14 RESULT err=0 tag=120 nentries=0 etime=0
[03/Apr/2014:03:02:05 +0000] conn=128 op=15 UNBIND
[03/Apr/2014:03:02:05 +0000] conn=128 op=15 fd=64 closed - U1
Raw
ipa2-errors
[02/Apr/2014:20:49:50 +0000] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[02/Apr/2014:20:49:50 +0000] - check_and_set_import_cache: pagesize: 4096, pages: 433369, procpages: 52122
[02/Apr/2014:20:49:50 +0000] - WARNING: After allocating import cache 693388KB, the available memory is 1040088KB, which is less than the soft limit 1048576KB. You may want to decrease the import cache size and rerun import.
[02/Apr/2014:20:49:50 +0000] - Import allocates 693388KB import cache.
[02/Apr/2014:20:49:50 +0000] - import userRoot: Beginning import job...
[02/Apr/2014:20:49:50 +0000] - import userRoot: Index buffering enabled with bucket size 100
[02/Apr/2014:20:49:50 +0000] - import userRoot: Processing file "/var/lib/dirsrv/boot.ldif"
[02/Apr/2014:20:49:50 +0000] - import userRoot: Finished scanning file "/var/lib/dirsrv/boot.ldif" (1 entries)
[02/Apr/2014:20:49:51 +0000] - import userRoot: Workers finished; cleaning up...
[02/Apr/2014:20:49:51 +0000] - import userRoot: Workers cleaned up.
[02/Apr/2014:20:49:51 +0000] - import userRoot: Cleaning up producer thread...
[02/Apr/2014:20:49:51 +0000] - import userRoot: Indexing complete. Post-processing...
[02/Apr/2014:20:49:51 +0000] - import userRoot: Generating numSubordinates complete.
[02/Apr/2014:20:49:51 +0000] - Nothing to do to build ancestorid index
[02/Apr/2014:20:49:51 +0000] - import userRoot: Flushing caches...
[02/Apr/2014:20:49:51 +0000] - import userRoot: Closing files...
[02/Apr/2014:20:49:51 +0000] - All database threads now stopped
[02/Apr/2014:20:49:51 +0000] - import userRoot: Import complete. Processed 1 entries in 1 seconds. (1.00 entries/sec)
[02/Apr/2014:20:49:53 +0000] - 389-Directory/1.3.1.22.a1 B2014.073.1751 starting up
[02/Apr/2014:20:49:54 +0000] - Db home directory is not set. Possibly nsslapd-directory (optionally nsslapd-db-home-directory) is missing in the config file.
[02/Apr/2014:20:49:54 +0000] - I'm resizing my cache now...cache was 710029312 and is now 8000000
[02/Apr/2014:20:49:54 +0000] - 389-Directory/1.3.1.22.a1 B2014.073.1751 starting up
[02/Apr/2014:20:49:54 +0000] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
[02/Apr/2014:20:49:55 +0000] - slapd started. Listening on All Interfaces port 389 for LDAP requests
[02/Apr/2014:20:49:56 +0000] - The change of nsslapd-ldapilisten will not take effect until the server is restarted
[02/Apr/2014:20:50:07 +0000] - Warning: Adding configuration attribute "nsslapd-security"
[02/Apr/2014:20:50:09 +0000] - slapd shutting down - signaling operation threads
[02/Apr/2014:20:50:09 +0000] - slapd shutting down - waiting for 1 thread to terminate
[02/Apr/2014:20:50:09 +0000] - slapd shutting down - closing down internal subsystems and plugins
[02/Apr/2014:20:50:09 +0000] - Waiting for 4 database threads to stop
[02/Apr/2014:20:50:09 +0000] - All database threads now stopped
[02/Apr/2014:20:50:09 +0000] - slapd stopped.
[02/Apr/2014:20:50:11 +0000] - 389-Directory/1.3.1.22.a1 B2014.073.1751 starting up
[02/Apr/2014:20:50:11 +0000] attrcrypt - No symmetric key found for cipher AES in backend userRoot, attempting to create one...
[02/Apr/2014:20:50:11 +0000] attrcrypt - Key for cipher AES successfully generated and stored
[02/Apr/2014:20:50:11 +0000] attrcrypt - No symmetric key found for cipher 3DES in backend userRoot, attempting to create one...
[02/Apr/2014:20:50:11 +0000] attrcrypt - Key for cipher 3DES successfully generated and stored
[02/Apr/2014:20:50:11 +0000] ipalockout_get_global_config - [file ipa_lockout.c, line 185]: Failed to get default realm (-1765328160)
[02/Apr/2014:20:50:11 +0000] ipaenrollment_start - [file ipa_enrollment.c, line 393]: Failed to get default realm?!
[02/Apr/2014:20:50:11 +0000] - slapd started. Listening on All Interfaces port 389 for LDAP requests
[02/Apr/2014:20:50:11 +0000] - Listening on All Interfaces port 636 for LDAPS requests
[02/Apr/2014:20:50:11 +0000] - Listening on /var/run/slapd-EXAMPLE-COM.socket for LDAPI requests
[02/Apr/2014:20:50:12 +0000] - slapd shutting down - signaling operation threads
[02/Apr/2014:20:50:12 +0000] - slapd shutting down - waiting for 1 thread to terminate
[02/Apr/2014:20:50:12 +0000] - slapd shutting down - closing down internal subsystems and plugins
[02/Apr/2014:20:50:12 +0000] - Waiting for 4 database threads to stop
[02/Apr/2014:20:50:13 +0000] - All database threads now stopped
[02/Apr/2014:20:50:13 +0000] - slapd stopped.
[02/Apr/2014:20:50:15 +0000] - 389-Directory/1.3.1.22.a1 B2014.073.1751 starting up
[02/Apr/2014:20:50:15 +0000] ipalockout_get_global_config - [file ipa_lockout.c, line 185]: Failed to get default realm (-1765328160)
[02/Apr/2014:20:50:15 +0000] ipaenrollment_start - [file ipa_enrollment.c, line 393]: Failed to get default realm?!
[02/Apr/2014:20:50:15 +0000] - slapd started. Listening on All Interfaces port 389 for LDAP requests
[02/Apr/2014:20:50:15 +0000] - Listening on All Interfaces port 636 for LDAPS requests
[02/Apr/2014:20:50:15 +0000] - Listening on /var/run/slapd-EXAMPLE-COM.socket for LDAPI requests
[02/Apr/2014:20:50:17 +0000] NSMMReplicationPlugin - agmt="cn=meToipa.example.com" (ipa:389): The remote replica has a different database generation ID than the local database. You may have to reinitialize the remote replica, or the local replica.
[02/Apr/2014:20:50:18 +0000] NSMMReplicationPlugin - multimaster_be_state_change: replica dc=example,dc=com is going offline; disabling replication
[02/Apr/2014:20:50:18 +0000] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[02/Apr/2014:20:50:21 +0000] - import userRoot: Workers finished; cleaning up...
[02/Apr/2014:20:50:21 +0000] - import userRoot: Workers cleaned up.
[02/Apr/2014:20:50:21 +0000] - import userRoot: Indexing complete. Post-processing...
[02/Apr/2014:20:50:21 +0000] - import userRoot: Generating numSubordinates complete.
[02/Apr/2014:20:50:21 +0000] - import userRoot: Flushing caches...
[02/Apr/2014:20:50:21 +0000] - import userRoot: Closing files...
[02/Apr/2014:20:50:21 +0000] - import userRoot: Import complete. Processed 453 entries in 3 seconds. (151.00 entries/sec)
[02/Apr/2014:20:50:21 +0000] NSMMReplicationPlugin - multimaster_be_state_change: replica dc=example,dc=com is coming online; enabling replication
[02/Apr/2014:20:50:21 +0000] - Skipping CoS Definition cn=Password Policy,cn=accounts,dc=example,dc=com--no CoS Templates found, which should be added before the CoS Definition.
Raw
var_log_messages
Apr 2 20:49:48 localhost systemd[1]: Stopped Network Time Service.
Apr 2 20:49:48 localhost systemd[1]: Reloading.
Apr 2 20:49:48 localhost systemd[1]: Starting Network Time Service...
Apr 2 20:49:48 localhost ntpd[17664]: ntpd 4.2.6p5@1.2349-o Tue Apr 2 17:46:59 UTC 2013 (1)
Apr 2 20:49:48 localhost systemd[1]: Started Network Time Service.
Apr 2 20:49:48 localhost ntpd[17665]: proto: precision = 1.282 usec
Apr 2 20:49:48 localhost ntpd[17665]: 0.0.0.0 c01d 0d kern kernel time sync enabled
Apr 2 20:49:48 localhost ntpd[17665]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
Apr 2 20:49:48 localhost ntpd[17665]: Listen and drop on 1 v6wildcard :: UDP 123
Apr 2 20:49:48 localhost ntpd[17665]: Listen normally on 2 lo 127.0.0.1 UDP 123
Apr 2 20:49:48 localhost ntpd[17665]: Listen normally on 3 eth0 10.0.3.15 UDP 123
Apr 2 20:49:48 localhost ntpd[17665]: Listen normally on 4 lo ::1 UDP 123
Apr 2 20:49:48 localhost ntpd[17665]: Listen normally on 5 eth0 fe80::cba:e9ff:fe5d:8e0a UDP 123
Apr 2 20:49:48 localhost ntpd[17665]: peers refreshed
Apr 2 20:49:48 localhost ntpd[17665]: Listening on routing socket on fd #22 for interface updates
Apr 2 20:49:49 localhost ntpd[17665]: 0.0.0.0 c016 06 restart
Apr 2 20:49:49 localhost ntpd[17665]: 0.0.0.0 c012 02 freq_set ntpd -15.980 PPM
Apr 2 20:49:52 localhost ntpd[17665]: 0.0.0.0 c515 05 clock_sync
Apr 2 20:49:53 localhost systemd[1]: Starting 389 Directory Server.
Apr 2 20:49:53 localhost systemd[1]: Reached target 389 Directory Server.
Apr 2 20:49:53 localhost systemd[1]: Starting 389 Directory Server EXAMPLE-COM....
Apr 2 20:49:53 localhost systemd[1]: Started 389 Directory Server EXAMPLE-COM..
Apr 2 20:49:54 localhost systemd[1]: Reloading.
Apr 2 20:49:54 localhost systemd[1]: Stopping 389 Directory Server EXAMPLE-COM....
Apr 2 20:49:54 localhost systemd[1]: Starting 389 Directory Server EXAMPLE-COM....
Apr 2 20:49:54 localhost systemd[1]: Started 389 Directory Server EXAMPLE-COM..
Apr 2 20:49:59 localhost systemd[1]: Reloading.
Apr 2 20:49:59 localhost systemd[1]: Started D-Bus System Message Bus.
Apr 2 20:49:59 localhost systemd[1]: Starting Certificate monitoring and PKI enrollment...
Apr 2 20:49:59 localhost systemd[1]: Started Certificate monitoring and PKI enrollment.
Apr 2 20:49:59 localhost systemd[1]: Stopping Certificate monitoring and PKI enrollment...
Apr 2 20:49:59 localhost systemd[1]: Stopped Certificate monitoring and PKI enrollment.
Apr 2 20:50:08 localhost systemd[1]: Starting Certificate monitoring and PKI enrollment...
Apr 2 20:50:08 localhost systemd[1]: Started Certificate monitoring and PKI enrollment.
Apr 2 20:50:09 localhost systemd[1]: Reloading.
Apr 2 20:50:09 localhost systemd[1]: Stopping 389 Directory Server EXAMPLE-COM....
Apr 2 20:50:10 localhost systemd[1]: Starting 389 Directory Server EXAMPLE-COM....
Apr 2 20:50:10 localhost systemd[1]: Started 389 Directory Server EXAMPLE-COM..
Apr 2 20:50:12 localhost systemd[1]: Reloading.
Apr 2 20:50:13 localhost systemd[1]: Stopping 389 Directory Server EXAMPLE-COM....
Apr 2 20:50:14 localhost systemd[1]: Starting 389 Directory Server EXAMPLE-COM....
Apr 2 20:50:15 localhost systemd[1]: Started 389 Directory Server EXAMPLE-COM..
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment