On 03/23/2018 12:07 AM, Sergei Gerasenko wrote: > The error I’m basically getting is: > > [23/Mar/2018:03:23:29.461074995 +0000] - ERR - NSMMReplicationPlugin - bind_and_check_pwp - agmt=“cn=HOST1-to-HOST2" (ipa203:389) - Replication bind with GSSAPI auth failed: LDAP error 49 (Invalid credentials) () > > Any ideas? GSSAPI authentication is failing. Wrong principle name in agreement? KDC issue? I don't know, but that's what the error means. It could also be a red herring as it typically does recover (it logs something like "auth resumed"). We need to see more logging from the errors log. > >> On Mar 22, 2018, at 5:05 PM, Sergei Gerasenko <gerases@xxxxxxxxx> wrote: >> >> Hi guys, >> >> I ran into a rather significant problem. I needed to rebuild two nodes in my topology and re-include them under the same hostnames. What I’m seeing now is that the replication to these new nodes is broken. Replication from them seems to work. I suspect that we have some stale metadata somewhere in the topology whereby the old nodes are still present somewhere in the agreements under other ids? >> >> What’s the best way to troubleshoot this? >> >> Thanks again, >> Sergei > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
