Description: IPA DS-migration fails when used with LDPAS.
Version: ipa-server-4.4.90-201703122305.el7.x86_64
Steps to Reproduce: 1. Setup IPA server configured on RHEL 7.4 (copr build) (In my case ipa-server-4.4.90-201703122305.el7.x86_64) 2. Configure a separate Directory server for migration of its data to IPA Master. 3. Configure some data to this Directory server. 4. Configure LDAPS to this Directory server. 5. Now migrate the directory server data on port 389 to IPA master: ( in my case) echo Secret123 | ipa migrate-ds --user-container="ou=People,dc=example,dc=com" --group-container="ou=groups,dc=example,dc=com" ldap://cloud-qe-03.testrelm.test:389
6.Now migrate the directory server data on port 636 to IPA master: ( in my case:) echo Secret123 | ipa migrate-ds --user-container="ou=People,dc=example,dc=com" --group-container="ou=groups,dc=example,dc=com" ldaps://auto-hv-01-guest01.testrelm.test:636 --ca-cert-file=remoteds.crt
Actual Result: 1. After step5, migration is successful. 2. After step6, DS-migration fails with LDAPS. (Refer attachment)
Expected Result: DS-Migration should be successful with LDAPS and no error should be observed.
<img alt="DS-migration-fails-ldpas.txt" src="/freeipa/issue/raw/files/611bec956eff6d5c3700ba130f261164b0401b432190ef5ffa86cb6b0a9a762f-DS-migration-fails-ldpas.txt" />
Does remoteds.crt contain the right CA certificate?
remoteds.crt
the certificate appears to be correct, is there anything you would want me to test on the machine?
Based on error from the command which ends with RuntimeError: maximum recursion depth exceeded and does a lot of File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1080, in forward, closing as dup of #6775
RuntimeError: maximum recursion depth exceeded
File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1080, in forward
Metadata Update from @pvoborni: - Issue close_status updated to: duplicate - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.