ipa-server-install --uninstall fails to export DNSSEC data with error message because LDAP server has been stopped already:
ipa-server-install --uninstall
Shutting down all IPA services Unconfiguring ntpd Configuring certmonger to stop tracking system certificates for KRA Unconfiguring KRA Configuring certmonger to stop tracking system certificates for CA Unconfiguring CA Unconfiguring ods-enforcerd Exporting DNSSEC data before uninstallation ipaserver.install.opendnssecinstance: ERROR DNSSEC data export failed
freeipa-server-4.6.90.dev201803141340+git2c05e42af-0.fc28.x86_64
2018-03-15T06:44:16Z DEBUG Exporting DNSSEC data before uninstallation 2018-03-15T06:44:16Z DEBUG Starting external process 2018-03-15T06:44:16Z DEBUG args=['/usr/libexec/ipa/ipa-ods-exporter', 'ipa-full-update'] 2018-03-15T06:44:16Z DEBUG runas=ods (UID 999, GID 998) 2018-03-15T06:44:20Z DEBUG Process finished, return code=1 2018-03-15T06:44:20Z DEBUG stdout= 2018-03-15T06:44:20Z DEBUG stderr=importing all plugin modules in ipaserver.plugins... ... Kerberos principal: ipa-ods-exporter/master.ipa.example Initializing principal ipa-ods-exporter/master.ipa.example using keytab /etc/ipa/dnssec/ipa-ods-exporter.keytab using ccache /var/opendnssec/tmp/ipa-ods-exporter.ccache Attempt 1/5: success Got TGT Connecting to LDAP Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/ipapython/ipaldap.py", line 1007, in error_handler yield File "/usr/lib/python3.6/site-packages/ipapython/ipaldap.py", line 1166, in gssapi_bind '', auth_tokens, server_controls, client_controls) File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 444, in sasl_interactive_bind_s return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags) File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 308, in _ldap_call reraise(exc_type, exc_value, exc_traceback) File "/usr/lib64/python3.6/site-packages/ldap/compat.py", line 44, in reraise raise exc_value File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 292, in _ldap_call result = func(*args,**kwargs) ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'errno': 111, 'info': 'Connection refused'}
It's still broken in 4.7.0 on F28 and F29.
Metadata Update from @frenaud: - Issue set to the milestone: DNSSEC
Login to comment on this ticket.