Hi, I want to install replica server but I have errors. Replica server: System: CentOS Linux release 7.4.1708 (Core) IPA: VERSION: 4.5.0, API_VERSION: 2.228 What I do: ipa-client-install --mkhomedir This process ran without a problem Next [root@auth02 ~]# ipa-replica-install Password for admin@xxxxxxx: Run connection check to master Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR Connection check failed! See /var/log/ipareplica-conncheck.log for more information. If the check results are not valid it can be skipped with --skip-conncheck parameter. ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information In logs I see the problem is connection form master to replica server. This services are not install yet. Why ipa-replica-install checkt it? How to fix this problem? 2018-03-09T13:57:51Z DEBUG stderr=Check connection from replica to remote master 'auth01.idm.wan': Directory Service: Unsecure port (389): OK Directory Service: Secure port (636): OK Kerberos KDC: TCP (88): OK Kerberos Kpasswd: TCP (464): OK HTTP Server: Unsecure port (80): OK HTTP Server: Secure port (443): OK The following list of ports use UDP protocoland would need to be checked manually: Kerberos KDC: UDP (88): SKIPPED Kerberos Kpasswd: UDP (464): SKIPPED Connection from replica to master is OK. Start listening on required ports for remote master check Get credentials to log in to remote master Check RPC connection to remote master trying https://auth01.idm.wan/ipa/json [try 1]: Forwarding 'ping/1' to json server 'https://auth01.idm.wan/ipa/json' Execute check on remote master [try 1]: Forwarding 'server_conncheck' to json server 'https://auth01.idm.wan/ipa/json' Check connection from master to remote replica 'auth02.idm.wan': Failed to connect to port 389 tcp on 10.0.102.56 Directory Service: Unsecure port (389): FAILED Failed to connect to port 636 tcp on 10.0.102.56 Directory Service: Secure port (636): FAILED Failed to connect to port 88 tcp on 10.0.102.56 Kerberos KDC: TCP (88): FAILED Failed to connect to port 88 udp on 10.0.102.56 Kerberos KDC: UDP (88): WARNING Failed to connect to port 464 tcp on 10.0.102.56 Kerberos Kpasswd: TCP (464): FAILED Failed to connect to port 464 udp on 10.0.102.56 Kerberos Kpasswd: UDP (464): WARNING Failed to connect to port 80 tcp on 10.0.102.56 HTTP Server: Unsecure port (80): FAILED Failed to connect to port 443 tcp on 10.0.102.56 HTTP Server: Secure port (443): FAILED The following UDP ports could not be verified as open: 88, 464 This can happen if they are already bound to an application and ipa-replica-conncheck cannot attach own UDP responder. ERROR: Port check failed! Inaccessible port(s): 389 (TCP), 636 (TCP), 88 (TCP), 464 (TCP), 80 (TCP), 443 (TCP) ERROR: Remote master check failed with following error message(s): ipa-replica-conncheck returned non-zero exit code Best regards _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
