Versions used:
freeipa-server-4.2.90.201511131102GITc972d0b-0.fc22.x86_64
ipa-server-3.0.0-47.el6.x86_64
Possible reason:
cn=custodia,cn=ipa,cn=etc,$SUFFIX does not exist on the server. Probably because updates were not run yet and bootstrap-template.ldif is not applied on replica install.
cn=custodia,cn=ipa,cn=etc,$SUFFIX
Assuming the same issue will appear when installing replica against other non-4-3 master.
Traceback:
<snip> Done configuring the web interface (httpd). Configuring ipa-otpd [1/2]: starting ipa-otpd [2/2]: configuring ipa-otpd to start on boot Done configuring ipa-otpd. Configuring ipa-custodia [1/4]: Generating ipa-custodia config file [2/4]: Generating ipa-custodia keys [error] NO_SUCH_OBJECT: {'desc': 'No such object'} Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. ipa.ipapython.install.cli.install_tool(Replica): ERROR {'desc': 'No such object'} ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information
from ipareplica-install.log:
2015-11-20T17:26:32Z DEBUG duration: 0 seconds 2015-11-20T17:26:32Z DEBUG [2/4]: Generating ipa-custodia keys 2015-11-20T17:26:37Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 445, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 435, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/custodiainstance.py", line 55, in __gen_keys KeyStore.generate_server_keys() File "/usr/lib/python2.7/site-packages/ipapython/secrets/kem.py", line 181, in generate_server_keys ldapconn.set_key(KEY_USAGE_SIG, self.host, principal, pubkeys[0]) File "/usr/lib/python2.7/site-packages/ipapython/secrets/kem.py", line 127, in set_key conn.modify_s(dn, mods) File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 364, in modify_s return self.result(msgid,all=1,timeout=self.timeout) File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 465, in result resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout) File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 469, in result2 resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout) File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 476, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 483, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 106, in _ldap_call result = func(*args,**kwargs) NO_SUCH_OBJECT: {'desc': 'No such object'}
Additional info:
[20/Nov/2015:18:26:36 +0100] conn=50 op=1 ADD dn="cn=sig/test.example.com,cn=custodia,cn=ipa,cn=etc,dc=example.com" [20/Nov/2015:18:26:36 +0100] conn=50 op=1 RESULT err=32 tag=105 nentries=0 etime=0 csn=564f57ce000000030000 [20/Nov/2015:18:26:36 +0100] conn=50 op=2 MOD dn="cn=sig/test.example.com,cn=custodia,cn=ipa,cn=etc,dc=example.com" [20/Nov/2015:18:26:36 +0100] conn=50 op=2 RESULT err=32 tag=103 nentries=0 etime=0
master:
Metadata Update from @pvoborni: - Issue assigned to tbabej - Issue set to the milestone: FreeIPA 4.3
Login to comment on this ticket.