I'm new to freeipa. I receive an ipaldap.py error at end of installation. Assistance would be appreciated, Thank you
Default install or install without CA
Install fails.
Success
$ rpm -q freeipa-server freeipa-client ipa-server ipa-client 389-ds-base pki-ca krb5-server
freeipa 4.6.5
Any additional information, configuration, data or log snippets that is needed for reproduction or investigation of the issue.
2019-11-15T02:47:33Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 319, in run return cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 360, in run return self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 386, in execute for rval in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 431, in runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 460, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 450, in _handle_exception six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 418, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 655, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 431, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 460, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 450, in _handle_exception six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 515, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 450, in _handle_exception six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 418, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 65, in _install for unused in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/init.py", line 590, in main master_install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 250, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 783, in install setup_pkinit=not options.no_pkinit) File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 345, in create_instance self.start_creation(runtime=30) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 567, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 557, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 712, in init_memberof replication.wait_for_task(conn, dn) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 171, in wait_for_task entry = conn.get_entry(dn, attrlist) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1565, in get_entry size_limit=size_limit, get_effective_rights=get_effective_rights, File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1377, in get_entries *kwargs) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1515, in find_entries break File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1026, in error_handler raise errors.NotFound(reason=arg_desc or 'no such entry')
2019-11-15T02:47:33Z DEBUG The ipa-server-install command failed, exception: NotFound: no such entry 2019-11-15T02:47:33Z ERROR no such entry 2019-11-15T02:47:33Z ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
Log file locations: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/config-files-logs.html Troubleshooting guide: https://www.freeipa.org/page/Troubleshooting
You say CentOS or Fedora? What do you mean? What version of Fedora?
When you say install without a CA what do you mean?
Please attach the full ipaserver-install.log
Thank you for your response.
I initially tried with the latest Fedora but when ran into similar issues quickly moved to CentOS. Unfortunately I did not catch the Fedora version but it was certainly released within the last week.
I'm now concentrating efforts with CentOS version 7.x.
2019-11-15T02:30:40Z DEBUG Logging to /var/log/ipaserver-install.log 2019-11-15T02:30:40Z DEBUG ipa-server-install was invoked with arguments [] and options: {'no_dns_sshfp': False, 'ignore_topology_disconnect': False, 'verbose': False, 'domain_level': None, 'ip_addresses': None, 'secondary_rid_base': None, 'netbios_name': None, 'mkhomedir': False, 'http_cert_files': None, 'zonemgr': None, 'no_pkinit': False, 'reverse_zones': None, 'no_forwarders': False, 'external_ca_profile': None, 'external_ca_type': None, 'no_ntp': False, 'no_msdcs': False, 'setup_kra': False, 'domain_name': None, 'idmax': None, 'setup_adtrust': False, 'http_cert_name': None, 'dirsrv_cert_files': None, 'no_dnssec_validation': False, 'ca_signing_algorithm': None, 'no_reverse': False, 'ssh_trust_dns': False, 'pkinit_cert_files': None, 'ca_cert_files': ['/root/openssh/PKI/cacert.pem'], 'subject_base': None, 'auto_reverse': False, 'auto_forwarders': False, 'no_host_dns': False, 'no_sshd': False, 'no_ui_redirect': False, 'ignore_last_of_role': False, 'realm_name': None, 'forwarders': None, 'idstart': None, 'external_ca': False, 'pkinit_cert_name': None, 'no_ssh': False, 'external_cert_files': None, 'enable_compat': False, 'no_hbac_allow': False, 'forward_policy': None, 'dirsrv_cert_name': None, 'unattended': False, 'rid_base': None, 'quiet': False, 'setup_dns': False, 'ca_subject': None, 'host_name': None, 'dirsrv_config_file': None, 'log_file': None, 'allow_zone_overlap': False, 'uninstall': False} 2019-11-15T02:30:40Z DEBUG IPA version 4.6.5-11.el7.centos.3 2019-11-15T02:30:40Z DEBUG Searching for an interface of IP address: ::1 2019-11-15T02:30:40Z DEBUG Testing local IP address: ::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff (interface: lo) 2019-11-15T02:30:40Z DEBUG Starting external process 2019-11-15T02:30:40Z DEBUG args=/usr/sbin/selinuxenabled 2019-11-15T02:30:40Z DEBUG Process finished, return code=0 2019-11-15T02:30:40Z DEBUG stdout= 2019-11-15T02:30:40Z DEBUG stderr= 2019-11-15T02:30:40Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:30:40Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:30:40Z DEBUG httpd is not configured 2019-11-15T02:30:40Z DEBUG kadmin is not configured 2019-11-15T02:30:40Z DEBUG dirsrv is not configured 2019-11-15T02:30:40Z DEBUG pki-tomcatd is not configured 2019-11-15T02:30:40Z DEBUG install is not configured 2019-11-15T02:30:40Z DEBUG krb5kdc is not configured 2019-11-15T02:30:40Z DEBUG ntpd is not configured 2019-11-15T02:30:40Z DEBUG named is not configured 2019-11-15T02:30:40Z DEBUG filestore is tracking no files 2019-11-15T02:30:40Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' 2019-11-15T02:30:40Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:30:40Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:30:40Z DEBUG Starting external process 2019-11-15T02:30:40Z DEBUG args=/bin/systemctl is-enabled chronyd.service 2019-11-15T02:30:40Z DEBUG Process finished, return code=0 2019-11-15T02:30:40Z DEBUG stdout=enabled
2019-11-15T02:30:40Z DEBUG stderr= 2019-11-15T02:30:40Z DEBUG Starting external process 2019-11-15T02:30:40Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS 2019-11-15T02:31:10Z DEBUG Process finished, return code=0 2019-11-15T02:31:10Z DEBUG stdout=VirtualHost configuration: *:8443 ipa.testipa.lan (/etc/httpd/conf.d/nss.conf:81)
2019-11-15T02:31:10Z DEBUG stderr= 2019-11-15T02:32:20Z DEBUG Check if ipa.testipa.lan is a primary hostname for localhost 2019-11-15T02:32:50Z DEBUG Primary hostname for localhost: ipa.testipa.lan 2019-11-15T02:32:50Z DEBUG Search DNS for ipa.testipa.lan 2019-11-15T02:33:10Z DEBUG Check if ipa.testipa.lan is not a CNAME 2019-11-15T02:33:40Z DEBUG Check reverse address of 192.168.1.99 2019-11-15T02:33:50Z DEBUG Found reverse name: ipa.testipa.lan 2019-11-15T02:33:50Z DEBUG Check reverse address of 192.168.122.1 2019-11-15T02:34:00Z DEBUG Found reverse name: ipa.testipa.lan 2019-11-15T02:34:00Z DEBUG Check reverse address of fe80::eb3c:14b1:2be1:3205%enp0s3 2019-11-15T02:34:10Z DEBUG Found reverse name: ipa.testipa.lan 2019-11-15T02:34:10Z DEBUG will use host_name: ipa.testipa.lan
2019-11-15T02:34:31Z DEBUG read domain_name: testipa.lan
2019-11-15T02:34:39Z DEBUG read realm_name: TESTIPA.LAN
2019-11-15T02:35:00Z DEBUG importing all plugin modules in ipaserver.plugins... 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.aci 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.automember 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.automount 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.baseldap 2019-11-15T02:35:00Z DEBUG ipaserver.plugins.baseldap is not a valid plugin module 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.baseuser 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.batch 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.ca 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.caacl 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.cert 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.certmap 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.certprofile 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.config 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.delegation 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.dns 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.dnsserver 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.dogtag 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.domainlevel 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.group 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.hbac 2019-11-15T02:35:00Z DEBUG ipaserver.plugins.hbac is not a valid plugin module 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.hbacrule 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.hbacsvc 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.hbacsvcgroup 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.hbactest 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.host 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.hostgroup 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.idrange 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.idviews 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.internal 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.join 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.krbtpolicy 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.ldap2 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.location 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.migration 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.misc 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.netgroup 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.otp 2019-11-15T02:35:00Z DEBUG ipaserver.plugins.otp is not a valid plugin module 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.otpconfig 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.otptoken 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.passwd 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.permission 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.ping 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.pkinit 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.privilege 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.pwpolicy 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.rabase 2019-11-15T02:35:00Z DEBUG ipaserver.plugins.rabase is not a valid plugin module 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.radiusproxy 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.realmdomains 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.role 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.schema 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.selfservice 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.selinuxusermap 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.server 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.serverrole 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.serverroles 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.service 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.servicedelegation 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.session 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.stageuser 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.sudo 2019-11-15T02:35:00Z DEBUG ipaserver.plugins.sudo is not a valid plugin module 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.sudocmd 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.sudocmdgroup 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.sudorule 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.topology 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.trust 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.user 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.vault 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.virtual 2019-11-15T02:35:00Z DEBUG ipaserver.plugins.virtual is not a valid plugin module 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.whoami 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.plugins.xmlserver 2019-11-15T02:35:00Z DEBUG importing all plugin modules in ipaserver.install.plugins... 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.adtrust 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.ca_renewal_master 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.dns 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.fix_replica_agreements 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.rename_managed 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_ca_topology 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_dna_shared_config 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_fix_duplicate_cacrt_in_ldap 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_idranges 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_ldap_server_list 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_managed_permissions 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_nis 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_pacs 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_passsync 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_ra_cert_store 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_referint 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_services 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.update_uniqueness 2019-11-15T02:35:00Z DEBUG importing plugin module ipaserver.install.plugins.upload_cacrt 2019-11-15T02:35:21Z DEBUG Name ipa.testipa.lan resolved to set([UnsafeIPAddress('192.168.122.1'), UnsafeIPAddress('192.168.1.99'), UnsafeIPAddress('fe80::eb3c:14b1:2be1:3205')]) 2019-11-15T02:35:21Z WARNING Invalid IP address fe80::eb3c:14b1:2be1:3205 for ipa.testipa.lan: cannot use link-local IP address fe80::eb3c:14b1:2be1:3205 2019-11-15T02:35:21Z DEBUG Searching for an interface of IP address: 192.168.122.1 2019-11-15T02:35:21Z DEBUG Testing local IP address: 127.0.0.1/255.0.0.0 (interface: lo) 2019-11-15T02:35:21Z DEBUG Testing local IP address: 192.168.1.99/255.255.255.0 (interface: enp0s3) 2019-11-15T02:35:21Z DEBUG Testing local IP address: 192.168.122.1/255.255.255.0 (interface: virbr0) 2019-11-15T02:35:21Z DEBUG Searching for an interface of IP address: 192.168.1.99 2019-11-15T02:35:21Z DEBUG Testing local IP address: 127.0.0.1/255.0.0.0 (interface: lo) 2019-11-15T02:35:21Z DEBUG Testing local IP address: 192.168.1.99/255.255.255.0 (interface: enp0s3) 2019-11-15T02:36:01Z DEBUG Starting external process 2019-11-15T02:36:01Z DEBUG args=/bin/systemctl is-enabled chronyd.service 2019-11-15T02:36:01Z DEBUG Process finished, return code=0 2019-11-15T02:36:01Z DEBUG stdout=enabled
2019-11-15T02:36:01Z DEBUG stderr= 2019-11-15T02:36:01Z DEBUG Starting external process 2019-11-15T02:36:01Z DEBUG args=/bin/systemctl is-active chronyd.service 2019-11-15T02:36:01Z DEBUG Process finished, return code=0 2019-11-15T02:36:01Z DEBUG stdout=active
2019-11-15T02:36:01Z DEBUG stderr= 2019-11-15T02:36:01Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:01Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:01Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:01Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:01Z DEBUG Starting external process 2019-11-15T02:36:01Z DEBUG args=/bin/systemctl stop chronyd.service 2019-11-15T02:36:01Z DEBUG Process finished, return code=0 2019-11-15T02:36:01Z DEBUG stdout= 2019-11-15T02:36:01Z DEBUG stderr= 2019-11-15T02:36:01Z DEBUG Stop of chronyd.service complete 2019-11-15T02:36:01Z DEBUG Starting external process 2019-11-15T02:36:01Z DEBUG args=/bin/systemctl disable chronyd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=0 2019-11-15T02:36:02Z DEBUG stdout= 2019-11-15T02:36:02Z DEBUG stderr=Removed symlink /etc/systemd/system/multi-user.target.wants/chronyd.service.
2019-11-15T02:36:02Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:36:02Z DEBUG Configuring NTP daemon (ntpd) 2019-11-15T02:36:02Z DEBUG [1/4]: stopping ntpd 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/bin/systemctl is-active ntpd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=3 2019-11-15T02:36:02Z DEBUG stdout=inactive
2019-11-15T02:36:02Z DEBUG stderr= 2019-11-15T02:36:02Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/bin/systemctl stop ntpd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=0 2019-11-15T02:36:02Z DEBUG stdout= 2019-11-15T02:36:02Z DEBUG stderr= 2019-11-15T02:36:02Z DEBUG Stop of ntpd.service complete 2019-11-15T02:36:02Z DEBUG duration: 0 seconds 2019-11-15T02:36:02Z DEBUG [2/4]: writing configuration 2019-11-15T02:36:02Z DEBUG Backing up system configuration file '/etc/ntp.conf' 2019-11-15T02:36:02Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:36:02Z DEBUG Backing up system configuration file '/etc/sysconfig/ntpd' 2019-11-15T02:36:02Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:36:02Z DEBUG duration: 0 seconds 2019-11-15T02:36:02Z DEBUG [3/4]: configuring ntpd to start on boot 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/bin/systemctl is-enabled ntpd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=1 2019-11-15T02:36:02Z DEBUG stdout=disabled
2019-11-15T02:36:02Z DEBUG stderr= 2019-11-15T02:36:02Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/bin/systemctl enable ntpd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=0 2019-11-15T02:36:02Z DEBUG stdout= 2019-11-15T02:36:02Z DEBUG stderr=Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
2019-11-15T02:36:02Z DEBUG duration: 0 seconds 2019-11-15T02:36:02Z DEBUG [4/4]: starting ntpd 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/bin/systemctl start ntpd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=0 2019-11-15T02:36:02Z DEBUG stdout= 2019-11-15T02:36:02Z DEBUG stderr= 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/bin/systemctl is-active ntpd.service 2019-11-15T02:36:02Z DEBUG Process finished, return code=0 2019-11-15T02:36:02Z DEBUG stdout=active
2019-11-15T02:36:02Z DEBUG stderr= 2019-11-15T02:36:02Z DEBUG Start of ntpd.service complete 2019-11-15T02:36:02Z DEBUG duration: 0 seconds 2019-11-15T02:36:02Z DEBUG Done configuring NTP daemon (ntpd). 2019-11-15T02:36:02Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Configuring directory server (dirsrv). Estimated time: 30 seconds 2019-11-15T02:36:02Z DEBUG [1/44]: creating directory server instance 2019-11-15T02:36:02Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2019-11-15T02:36:02Z DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv' 2019-11-15T02:36:02Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:36:02Z DEBUG dn: dc=testipa,dc=lan objectClass: top objectClass: domain objectClass: pilotObject dc: testipa info: IPA V2.0
2019-11-15T02:36:02Z DEBUG writing inf template 2019-11-15T02:36:02Z DEBUG [General] FullMachineName= ipa.testipa.lan SuiteSpotUserID= dirsrv SuiteSpotGroup= dirsrv ServerRoot= /usr/lib64/dirsrv [slapd] ServerPort= 389 ServerIdentifier= TESTIPA-LAN Suffix= dc=testipa,dc=lan RootDN= cn=Directory Manager InstallLdifFile= /var/lib/dirsrv/boot.ldif inst_dir= /var/lib/dirsrv/scripts-TESTIPA-LAN
2019-11-15T02:36:02Z DEBUG calling setup-ds.pl 2019-11-15T02:36:02Z DEBUG Starting external process 2019-11-15T02:36:02Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmptuLuoG 2019-11-15T02:36:37Z DEBUG Process finished, return code=0 2019-11-15T02:36:37Z DEBUG stdout=[19/11/14:21:36:37] - [Setup] Info Your new DS instance 'TESTIPA-LAN' was successfully created. Your new DS instance 'TESTIPA-LAN' was successfully created. [19/11/14:21:36:37] - [Setup] Success Exiting . . . Log file is '-'
Exiting . . . Log file is '-'
2019-11-15T02:36:37Z DEBUG stderr= 2019-11-15T02:36:37Z DEBUG completed creating DS instance 2019-11-15T02:36:37Z DEBUG duration: 35 seconds 2019-11-15T02:36:37Z DEBUG [2/44]: enabling ldapi 2019-11-15T02:36:37Z DEBUG Starting external process 2019-11-15T02:36:37Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpt3Chhs -H ldap://localhost -x -D cn=Directory Manager -y /tmp/tmpaDAKnF 2019-11-15T02:36:58Z DEBUG Process finished, return code=0 2019-11-15T02:36:58Z DEBUG stdout=replace nsslapd-ldapilisten: on modifying entry "cn=config" modify complete
2019-11-15T02:36:58Z DEBUG stderr=ldap_initialize( ldap://localhost:389/??base )
2019-11-15T02:36:58Z DEBUG duration: 20 seconds 2019-11-15T02:36:58Z DEBUG [3/44]: configure autobind for root 2019-11-15T02:36:58Z DEBUG Starting external process 2019-11-15T02:36:58Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/root-autobind.ldif -H ldap://localhost -x -D cn=Directory Manager -y /tmp/tmpo__XKc 2019-11-15T02:37:18Z DEBUG Process finished, return code=0 2019-11-15T02:37:18Z DEBUG stdout=add objectClass: extensibleObject top add cn: root-autobind add uidNumber: 0 add gidNumber: 0 adding new entry "cn=root-autobind,cn=config" modify complete
replace nsslapd-ldapiautobind: on modifying entry "cn=config" modify complete
replace nsslapd-ldapimaptoentries: on modifying entry "cn=config" modify complete
2019-11-15T02:37:18Z DEBUG stderr=ldap_initialize( ldap://localhost:389/??base )
2019-11-15T02:37:18Z DEBUG duration: 20 seconds 2019-11-15T02:37:18Z DEBUG [4/44]: stopping directory server 2019-11-15T02:37:18Z DEBUG Starting external process 2019-11-15T02:37:18Z DEBUG args=/bin/systemctl stop dirsrv@TESTIPA-LAN.service 2019-11-15T02:37:20Z DEBUG Process finished, return code=0 2019-11-15T02:37:20Z DEBUG stdout= 2019-11-15T02:37:20Z DEBUG stderr= 2019-11-15T02:37:20Z DEBUG Stop of dirsrv@TESTIPA-LAN.service complete 2019-11-15T02:37:20Z DEBUG duration: 2 seconds 2019-11-15T02:37:20Z DEBUG [5/44]: updating configuration in dse.ldif 2019-11-15T02:37:20Z DEBUG Starting external process 2019-11-15T02:37:20Z DEBUG args=/usr/sbin/selinuxenabled 2019-11-15T02:37:20Z DEBUG Process finished, return code=0 2019-11-15T02:37:20Z DEBUG stdout= 2019-11-15T02:37:20Z DEBUG stderr= 2019-11-15T02:37:20Z DEBUG Starting external process 2019-11-15T02:37:20Z DEBUG args=/sbin/restorecon /etc/dirsrv/slapd-TESTIPA-LAN/dse.ldif 2019-11-15T02:37:20Z DEBUG Process finished, return code=0 2019-11-15T02:37:20Z DEBUG stdout= 2019-11-15T02:37:20Z DEBUG stderr= 2019-11-15T02:37:20Z DEBUG duration: 0 seconds 2019-11-15T02:37:20Z DEBUG [6/44]: starting directory server 2019-11-15T02:37:20Z DEBUG Starting external process 2019-11-15T02:37:20Z DEBUG args=/bin/systemctl start dirsrv@TESTIPA-LAN.service 2019-11-15T02:37:24Z DEBUG Process finished, return code=0 2019-11-15T02:37:24Z DEBUG stdout= 2019-11-15T02:37:24Z DEBUG stderr= 2019-11-15T02:37:24Z DEBUG Starting external process 2019-11-15T02:37:24Z DEBUG args=/bin/systemctl is-active dirsrv@TESTIPA-LAN.service 2019-11-15T02:37:24Z DEBUG Process finished, return code=0 2019-11-15T02:37:24Z DEBUG stdout=active
2019-11-15T02:37:24Z DEBUG stderr= 2019-11-15T02:37:24Z DEBUG wait_for_open_ports: localhost [389] timeout 300 2019-11-15T02:37:24Z DEBUG waiting for port: 389 2019-11-15T02:37:24Z DEBUG SUCCESS: port: 389 2019-11-15T02:37:24Z DEBUG Start of dirsrv@TESTIPA-LAN.service complete 2019-11-15T02:37:44Z DEBUG Created connection context.ldap2_140092996027088 2019-11-15T02:37:44Z DEBUG duration: 23 seconds 2019-11-15T02:37:44Z DEBUG [7/44]: adding default schema 2019-11-15T02:37:44Z DEBUG duration: 0 seconds 2019-11-15T02:37:44Z DEBUG [8/44]: enabling memberof plugin 2019-11-15T02:37:44Z DEBUG Starting external process 2019-11-15T02:37:44Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/memberof-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:38:04Z DEBUG Process finished, return code=0 2019-11-15T02:38:04Z DEBUG stdout=replace nsslapd-pluginenabled: on add memberofgroupattr: memberUser add memberofgroupattr: memberHost modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config" modify complete
2019-11-15T02:38:04Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:38:04Z DEBUG duration: 20 seconds 2019-11-15T02:38:04Z DEBUG [9/44]: enabling winsync plugin 2019-11-15T02:38:04Z DEBUG Starting external process 2019-11-15T02:38:04Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-winsync-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:38:24Z DEBUG Process finished, return code=0 2019-11-15T02:38:24Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: ipa-winsync add nsslapd-pluginpath: libipa_winsync add nsslapd-plugininitfunc: ipa_winsync_plugin_init add nsslapd-pluginDescription: Allows IPA to work with the DS windows sync feature add nsslapd-pluginid: ipa-winsync add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: Red Hat add nsslapd-plugintype: preoperation add nsslapd-pluginenabled: on add nsslapd-plugin-depends-on-type: database add ipaWinSyncRealmFilter: (objectclass=krbRealmContainer) add ipaWinSyncRealmAttr: cn add ipaWinSyncNewEntryFilter: (cn=ipaConfig) add ipaWinSyncNewUserOCAttr: ipauserobjectclasses add ipaWinSyncUserFlatten: true add ipaWinsyncHomeDirAttr: ipaHomesRootDir add ipaWinsyncLoginShellAttr: ipaDefaultLoginShell add ipaWinSyncDefaultGroupAttr: ipaDefaultPrimaryGroup add ipaWinSyncDefaultGroupFilter: (gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames) add ipaWinSyncAcctDisable: both add ipaWinSyncForceSync: true add ipaWinSyncUserAttr: uidNumber -1 gidNumber -1 adding new entry "cn=ipa-winsync,cn=plugins,cn=config" modify complete
2019-11-15T02:38:24Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:38:24Z DEBUG duration: 20 seconds 2019-11-15T02:38:24Z DEBUG [10/44]: configuring replication version plugin 2019-11-15T02:38:24Z DEBUG Starting external process 2019-11-15T02:38:24Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/version-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:38:44Z DEBUG Process finished, return code=0 2019-11-15T02:38:44Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: IPA Version Replication add nsslapd-pluginpath: libipa_repl_version add nsslapd-plugininitfunc: repl_version_plugin_init add nsslapd-plugintype: preoperation add nsslapd-pluginenabled: off add nsslapd-pluginid: ipa_repl_version add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: Red Hat, Inc. add nsslapd-plugindescription: IPA Replication version plugin add nsslapd-plugin-depends-on-type: database add nsslapd-plugin-depends-on-named: Multimaster Replication Plugin adding new entry "cn=IPA Version Replication,cn=plugins,cn=config" modify complete
2019-11-15T02:38:44Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:38:44Z DEBUG duration: 20 seconds 2019-11-15T02:38:44Z DEBUG [11/44]: enabling IPA enrollment plugin 2019-11-15T02:38:44Z DEBUG Starting external process 2019-11-15T02:38:44Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpcq3Ldq -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:39:04Z DEBUG Process finished, return code=0 2019-11-15T02:39:04Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: ipa_enrollment_extop add nsslapd-pluginpath: libipa_enrollment_extop add nsslapd-plugininitfunc: ipaenrollment_init add nsslapd-plugintype: extendedop add nsslapd-pluginenabled: on add nsslapd-pluginid: ipa_enrollment_extop add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: RedHat add nsslapd-plugindescription: Enroll hosts into the IPA domain add nsslapd-plugin-depends-on-type: database add nsslapd-realmTree: dc=testipa,dc=lan adding new entry "cn=ipa_enrollment_extop,cn=plugins,cn=config" modify complete
2019-11-15T02:39:04Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:39:04Z DEBUG duration: 20 seconds 2019-11-15T02:39:04Z DEBUG [12/44]: configuring uniqueness plugin 2019-11-15T02:39:04Z DEBUG Starting external process 2019-11-15T02:39:04Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp12jWfZ -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:39:24Z DEBUG Process finished, return code=0 2019-11-15T02:39:24Z DEBUG stdout=add objectClass: top nsSlapdPlugin extensibleObject add cn: krbPrincipalName uniqueness add nsslapd-pluginPath: libattr-unique-plugin add nsslapd-pluginInitfunc: NSUniqueAttr_Init add nsslapd-pluginType: preoperation add nsslapd-pluginEnabled: on add uniqueness-attribute-name: krbPrincipalName add nsslapd-plugin-depends-on-type: database add nsslapd-pluginId: NSUniqueAttr add nsslapd-pluginVersion: 1.1.0 add nsslapd-pluginVendor: Fedora Project add nsslapd-pluginDescription: Enforce unique attribute values add uniqueness-subtrees: dc=testipa,dc=lan add uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,dc=testipa,dc=lan add uniqueness-across-all-subtrees: on adding new entry "cn=krbPrincipalName uniqueness,cn=plugins,cn=config" modify complete
add objectClass: top nsSlapdPlugin extensibleObject add cn: krbCanonicalName uniqueness add nsslapd-pluginPath: libattr-unique-plugin add nsslapd-pluginInitfunc: NSUniqueAttr_Init add nsslapd-pluginType: preoperation add nsslapd-pluginEnabled: on add uniqueness-attribute-name: krbCanonicalName add nsslapd-plugin-depends-on-type: database add nsslapd-pluginId: NSUniqueAttr add nsslapd-pluginVersion: 1.1.0 add nsslapd-pluginVendor: Fedora Project add nsslapd-pluginDescription: Enforce unique attribute values add uniqueness-subtrees: dc=testipa,dc=lan add uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,dc=testipa,dc=lan add uniqueness-across-all-subtrees: on adding new entry "cn=krbCanonicalName uniqueness,cn=plugins,cn=config" modify complete
add objectClass: top nsSlapdPlugin extensibleObject add cn: netgroup uniqueness add nsslapd-pluginPath: libattr-unique-plugin add nsslapd-pluginInitfunc: NSUniqueAttr_Init add nsslapd-pluginType: preoperation add nsslapd-pluginEnabled: on add uniqueness-attribute-name: cn add uniqueness-subtrees: cn=ng,cn=alt,dc=testipa,dc=lan add nsslapd-plugin-depends-on-type: database add nsslapd-pluginId: NSUniqueAttr add nsslapd-pluginVersion: 1.1.0 add nsslapd-pluginVendor: Fedora Project add nsslapd-pluginDescription: Enforce unique attribute values adding new entry "cn=netgroup uniqueness,cn=plugins,cn=config" modify complete
add objectClass: top nsSlapdPlugin extensibleObject add cn: ipaUniqueID uniqueness add nsslapd-pluginPath: libattr-unique-plugin add nsslapd-pluginInitfunc: NSUniqueAttr_Init add nsslapd-pluginType: preoperation add nsslapd-pluginEnabled: on add uniqueness-attribute-name: ipaUniqueID add nsslapd-plugin-depends-on-type: database add nsslapd-pluginId: NSUniqueAttr add nsslapd-pluginVersion: 1.1.0 add nsslapd-pluginVendor: Fedora Project add nsslapd-pluginDescription: Enforce unique attribute values add uniqueness-subtrees: dc=testipa,dc=lan add uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,dc=testipa,dc=lan add uniqueness-across-all-subtrees: on adding new entry "cn=ipaUniqueID uniqueness,cn=plugins,cn=config" modify complete
add objectClass: top nsSlapdPlugin extensibleObject add cn: sudorule name uniqueness add nsslapd-pluginDescription: Enforce unique attribute values add nsslapd-pluginPath: libattr-unique-plugin add nsslapd-pluginInitfunc: NSUniqueAttr_Init add nsslapd-pluginType: preoperation add nsslapd-pluginEnabled: on add uniqueness-attribute-name: cn add uniqueness-subtrees: cn=sudorules,cn=sudo,dc=testipa,dc=lan add nsslapd-plugin-depends-on-type: database add nsslapd-pluginId: NSUniqueAttr add nsslapd-pluginVersion: 1.1.0 add nsslapd-pluginVendor: Fedora Project adding new entry "cn=sudorule name uniqueness,cn=plugins,cn=config" modify complete
2019-11-15T02:39:24Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:39:24Z DEBUG duration: 20 seconds 2019-11-15T02:39:24Z DEBUG [13/44]: configuring uuid plugin 2019-11-15T02:39:24Z DEBUG Starting external process 2019-11-15T02:39:24Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/uuid-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:39:44Z DEBUG Process finished, return code=0 2019-11-15T02:39:44Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: IPA UUID add nsslapd-pluginpath: libipa_uuid add nsslapd-plugininitfunc: ipauuid_init add nsslapd-plugintype: preoperation add nsslapd-pluginenabled: on add nsslapd-pluginid: ipauuid_version add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: Red Hat, Inc. add nsslapd-plugindescription: IPA UUID plugin add nsslapd-plugin-depends-on-type: database adding new entry "cn=IPA UUID,cn=plugins,cn=config" modify complete
2019-11-15T02:39:44Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:39:44Z DEBUG Starting external process 2019-11-15T02:39:44Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpByM2ad -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:40:04Z DEBUG Process finished, return code=0 2019-11-15T02:40:04Z DEBUG stdout=add objectclass: top extensibleObject add cn: IPA Unique IDs add ipaUuidAttr: ipaUniqueID add ipaUuidMagicRegen: autogenerate add ipaUuidFilter: (|(objectclass=ipaObject)(objectclass=ipaAssociation)) add ipaUuidScope: dc=testipa,dc=lan add ipaUuidEnforce: TRUE adding new entry "cn=IPA Unique IDs,cn=IPA UUID,cn=plugins,cn=config" modify complete
add objectclass: top extensibleObject add cn: IPK11 Unique IDs add ipaUuidAttr: ipk11UniqueID add ipaUuidMagicRegen: autogenerate add ipaUuidFilter: (objectclass=ipk11Object) add ipaUuidScope: dc=testipa,dc=lan add ipaUuidEnforce: FALSE adding new entry "cn=IPK11 Unique IDs,cn=IPA UUID,cn=plugins,cn=config" modify complete
2019-11-15T02:40:04Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:40:04Z DEBUG duration: 40 seconds 2019-11-15T02:40:04Z DEBUG [14/44]: configuring modrdn plugin 2019-11-15T02:40:04Z DEBUG Starting external process 2019-11-15T02:40:04Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/modrdn-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:40:24Z DEBUG Process finished, return code=0 2019-11-15T02:40:24Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: IPA MODRDN add nsslapd-pluginpath: libipa_modrdn add nsslapd-plugininitfunc: ipamodrdn_init add nsslapd-plugintype: betxnpostoperation add nsslapd-pluginenabled: on add nsslapd-pluginid: ipamodrdn_version add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: Red Hat, Inc. add nsslapd-plugindescription: IPA MODRDN plugin add nsslapd-plugin-depends-on-type: database add nsslapd-pluginPrecedence: 60 adding new entry "cn=IPA MODRDN,cn=plugins,cn=config" modify complete
2019-11-15T02:40:24Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:40:24Z DEBUG Starting external process 2019-11-15T02:40:24Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpyEbHPq -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:40:44Z DEBUG Process finished, return code=0 2019-11-15T02:40:44Z DEBUG stdout=add objectclass: top extensibleObject add cn: Kerberos Principal Name add ipaModRDNsourceAttr: uid add ipaModRDNtargetAttr: krbPrincipalName add ipaModRDNsuffix: @TESTIPA.LAN add ipaModRDNfilter: (&(objectclass=posixaccount)(objectclass=krbPrincipalAux)) add ipaModRDNscope: dc=testipa,dc=lan adding new entry "cn=Kerberos Principal Name,cn=IPA MODRDN,cn=plugins,cn=config" modify complete
add objectclass: top extensibleObject add cn: Kerberos Canonical Name add ipaModRDNsourceAttr: uid add ipaModRDNtargetAttr: krbCanonicalName add ipaModRDNsuffix: @TESTIPA.LAN add ipaModRDNfilter: (&(objectclass=posixaccount)(objectclass=krbPrincipalAux)) add ipaModRDNscope: dc=testipa,dc=lan adding new entry "cn=Kerberos Canonical Name,cn=IPA MODRDN,cn=plugins,cn=config" modify complete
2019-11-15T02:40:44Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:40:44Z DEBUG duration: 40 seconds 2019-11-15T02:40:44Z DEBUG [15/44]: configuring DNS plugin 2019-11-15T02:40:44Z DEBUG Starting external process 2019-11-15T02:40:44Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-dns-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:41:04Z DEBUG Process finished, return code=0 2019-11-15T02:41:04Z DEBUG stdout=add objectclass: top nsslapdPlugin extensibleObject add cn: IPA DNS add nsslapd-plugindescription: IPA DNS support plugin add nsslapd-pluginenabled: on add nsslapd-pluginid: ipa_dns add nsslapd-plugininitfunc: ipadns_init add nsslapd-pluginpath: libipa_dns.so add nsslapd-plugintype: preoperation add nsslapd-pluginvendor: Red Hat, Inc. add nsslapd-pluginversion: 1.0 add nsslapd-plugin-depends-on-type: database adding new entry "cn=IPA DNS,cn=plugins,cn=config" modify complete
2019-11-15T02:41:04Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:41:04Z DEBUG duration: 20 seconds 2019-11-15T02:41:04Z DEBUG [16/44]: enabling entryUSN plugin 2019-11-15T02:41:04Z DEBUG Starting external process 2019-11-15T02:41:04Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/entryusn.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:41:25Z DEBUG Process finished, return code=0 2019-11-15T02:41:25Z DEBUG stdout=replace nsslapd-entryusn-global: on modifying entry "cn=config" modify complete
replace nsslapd-entryusn-import-initval: next modifying entry "cn=config" modify complete
replace nsslapd-pluginenabled: on modifying entry "cn=USN,cn=plugins,cn=config" modify complete
2019-11-15T02:41:25Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:41:25Z DEBUG duration: 20 seconds 2019-11-15T02:41:25Z DEBUG [17/44]: configuring lockout plugin 2019-11-15T02:41:25Z DEBUG Starting external process 2019-11-15T02:41:25Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/lockout-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:41:45Z DEBUG Process finished, return code=0 2019-11-15T02:41:45Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: IPA Lockout add nsslapd-pluginpath: libipa_lockout add nsslapd-plugininitfunc: ipalockout_init add nsslapd-plugintype: object add nsslapd-pluginenabled: on add nsslapd-pluginid: ipalockout_version add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: Red Hat, Inc. add nsslapd-plugindescription: IPA Lockout plugin add nsslapd-plugin-depends-on-type: database adding new entry "cn=IPA Lockout,cn=plugins,cn=config" modify complete
2019-11-15T02:41:45Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:41:45Z DEBUG duration: 20 seconds 2019-11-15T02:41:45Z DEBUG [18/44]: configuring topology plugin 2019-11-15T02:41:45Z DEBUG Starting external process 2019-11-15T02:41:45Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmplA6wUv -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:42:05Z DEBUG Process finished, return code=0 2019-11-15T02:42:05Z DEBUG stdout=add objectClass: top nsSlapdPlugin extensibleObject add cn: IPA Topology Configuration add nsslapd-pluginPath: libtopology add nsslapd-pluginInitfunc: ipa_topo_init add nsslapd-pluginType: object add nsslapd-pluginEnabled: on add nsslapd-topo-plugin-shared-config-base: cn=ipa,cn=etc,dc=testipa,dc=lan add nsslapd-topo-plugin-shared-replica-root: dc=testipa,dc=lan o=ipaca add nsslapd-topo-plugin-shared-binddngroup: cn=replication managers,cn=sysaccounts,cn=etc,dc=testipa,dc=lan add nsslapd-topo-plugin-startup-delay: 20 add nsslapd-pluginId: none add nsslapd-plugin-depends-on-named: ldbm database Multimaster Replication Plugin add nsslapd-pluginVersion: 1.0 add nsslapd-pluginVendor: none add nsslapd-pluginDescription: none adding new entry "cn=IPA Topology Configuration,cn=plugins,cn=config" modify complete
2019-11-15T02:42:05Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:42:05Z DEBUG duration: 20 seconds 2019-11-15T02:42:05Z DEBUG [19/44]: creating indices 2019-11-15T02:42:05Z DEBUG Starting external process 2019-11-15T02:42:05Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/indices.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:42:25Z DEBUG Process finished, return code=0 2019-11-15T02:42:25Z DEBUG stdout=add objectClass: top nsIndex add cn: krbPrincipalName add nsSystemIndex: false add nsIndexType: eq sub add nsMatchingRule: caseIgnoreIA5Match caseExactIA5Match adding new entry "cn=krbPrincipalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: ou add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=ou,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: carLicense add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=carLicense,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: title add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=title,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: manager add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=manager,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: secretary add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=secretary,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: displayname add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=displayname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add nsIndexType: sub modifying entry "cn=uid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: uidnumber add nsSystemIndex: false add nsIndexType: eq add nsMatchingRule: integerOrderingMatch adding new entry "cn=uidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add objectClass: top nsIndex add cn: gidnumber add nsSystemIndex: false add nsIndexType: eq add nsMatchingRule: integerOrderingMatch adding new entry "cn=gidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
replace nsIndexType: eq pres modifying entry "cn=ntUniqueId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
replace nsIndexType: eq pres modifying entry "cn=ntUserDomainId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add ObjectClass: top nsIndex add cn: fqdn add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=fqdn,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add ObjectClass: top nsIndex add cn: macAddress add nsSystemIndex: false add nsIndexType: eq pres adding new entry "cn=macAddress,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: memberHost add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=memberHost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: memberUser add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=memberUser,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: sourcehost add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=sourcehost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: memberservice add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=memberservice,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: managedby add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=managedby,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: memberallowcmd add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=memberallowcmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: memberdenycmd add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=memberdenycmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipasudorunas add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=ipasudorunas,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipasudorunasgroup add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=ipasudorunasgroup,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: automountkey add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres adding new entry "cn=automountkey,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: automountMapName add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=automountMapName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipaConfigString add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=ipaConfigString,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipaEnabledFlag add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=ipaEnabledFlag,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipaKrbAuthzData add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=ipaKrbAuthzData,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipakrbprincipalalias add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=ipakrbprincipalalias,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipauniqueid add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=ipauniqueid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipaMemberCa add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=ipaMemberCa,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipaMemberCertProfile add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres sub adding new entry "cn=ipaMemberCertProfile,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: userCertificate add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres adding new entry "cn=userCertificate,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipalocation add ObjectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq pres adding new entry "cn=ipalocation,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: krbCanonicalName add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=krbCanonicalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: serverhostname add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq sub adding new entry "cn=serverhostname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: description add objectClass: top nsindex add nssystemindex: false add nsindextype: eq sub adding new entry "cn=description,cn=index,cn=userroot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: l add objectClass: top nsindex add nssystemindex: false add nsindextype: eq sub adding new entry "cn=l,cn=index,cn=userroot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: nsOsVersion add objectClass: top nsindex add nssystemindex: false add nsindextype: eq sub adding new entry "cn=nsOsVersion,cn=index,cn=userroot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: nsHardwarePlatform add objectClass: top nsindex add nssystemindex: false add nsindextype: eq sub adding new entry "cn=nsHardwarePlatform,cn=index,cn=userroot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: nsHostLocation add objectClass: top nsindex add nssystemindex: false add nsindextype: eq sub adding new entry "cn=nsHostLocation,cn=index,cn=userroot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: ipServicePort add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=ipServicePort,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: accessRuleType add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=accessRuleType,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: hostCategory add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=hostCategory,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
add cn: idnsName add objectClass: top nsIndex add nsSystemIndex: false add nsIndexType: eq adding new entry "cn=idnsName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" modify complete
2019-11-15T02:42:25Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:42:25Z DEBUG duration: 20 seconds 2019-11-15T02:42:25Z DEBUG [20/44]: enabling referential integrity plugin 2019-11-15T02:42:25Z DEBUG Starting external process 2019-11-15T02:42:25Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/referint-conf.ldif -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:42:45Z DEBUG Process finished, return code=0 2019-11-15T02:42:45Z DEBUG stdout=replace nsslapd-pluginenabled: on modifying entry "cn=referential integrity postoperation,cn=plugins,cn=config" modify complete
2019-11-15T02:42:45Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:42:45Z DEBUG duration: 20 seconds 2019-11-15T02:42:45Z DEBUG [21/44]: configuring certmap.conf 2019-11-15T02:42:45Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2019-11-15T02:42:45Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2019-11-15T02:42:45Z DEBUG Saving StateFile to '/var/lib/ipa/sysupgrade/sysupgrade.state' 2019-11-15T02:42:45Z DEBUG duration: 0 seconds 2019-11-15T02:42:45Z DEBUG [22/44]: configure new location for managed entries 2019-11-15T02:42:45Z DEBUG Starting external process 2019-11-15T02:42:45Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpFu0_1g -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:43:05Z DEBUG Process finished, return code=0 2019-11-15T02:43:05Z DEBUG stdout=add nsslapd-pluginConfigArea: cn=Definitions,cn=Managed Entries,cn=etc,dc=testipa,dc=lan modifying entry "cn=Managed Entries,cn=plugins,cn=config" modify complete
2019-11-15T02:43:05Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:43:05Z DEBUG duration: 20 seconds 2019-11-15T02:43:05Z DEBUG [23/44]: configure dirsrv ccache 2019-11-15T02:43:05Z DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv' 2019-11-15T02:43:05Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2019-11-15T02:43:05Z DEBUG Starting external process 2019-11-15T02:43:05Z DEBUG args=/usr/sbin/selinuxenabled 2019-11-15T02:43:05Z DEBUG Process finished, return code=0 2019-11-15T02:43:05Z DEBUG stdout= 2019-11-15T02:43:05Z DEBUG stderr= 2019-11-15T02:43:05Z DEBUG Starting external process 2019-11-15T02:43:05Z DEBUG args=/sbin/restorecon /etc/sysconfig/dirsrv 2019-11-15T02:43:05Z DEBUG Process finished, return code=0 2019-11-15T02:43:05Z DEBUG stdout= 2019-11-15T02:43:05Z DEBUG stderr= 2019-11-15T02:43:05Z DEBUG duration: 0 seconds 2019-11-15T02:43:05Z DEBUG [24/44]: enabling SASL mapping fallback 2019-11-15T02:43:05Z DEBUG Starting external process 2019-11-15T02:43:05Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpUcZ8oO -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:43:25Z DEBUG Process finished, return code=0 2019-11-15T02:43:25Z DEBUG stdout=replace nsslapd-sasl-mapping-fallback: on modifying entry "cn=config" modify complete
2019-11-15T02:43:25Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:43:25Z DEBUG duration: 20 seconds 2019-11-15T02:43:25Z DEBUG [25/44]: restarting directory server 2019-11-15T02:43:25Z DEBUG Destroyed connection context.ldap2_140092996027088 2019-11-15T02:43:25Z DEBUG Starting external process 2019-11-15T02:43:25Z DEBUG args=/bin/systemctl --system daemon-reload 2019-11-15T02:43:25Z DEBUG Process finished, return code=0 2019-11-15T02:43:25Z DEBUG stdout= 2019-11-15T02:43:25Z DEBUG stderr= 2019-11-15T02:43:25Z DEBUG Starting external process 2019-11-15T02:43:25Z DEBUG args=/bin/systemctl restart dirsrv@TESTIPA-LAN.service 2019-11-15T02:43:31Z DEBUG Process finished, return code=0 2019-11-15T02:43:31Z DEBUG stdout= 2019-11-15T02:43:31Z DEBUG stderr= 2019-11-15T02:43:31Z DEBUG Starting external process 2019-11-15T02:43:31Z DEBUG args=/bin/systemctl is-active dirsrv@TESTIPA-LAN.service 2019-11-15T02:43:31Z DEBUG Process finished, return code=0 2019-11-15T02:43:31Z DEBUG stdout=active
2019-11-15T02:43:31Z DEBUG stderr= 2019-11-15T02:43:31Z DEBUG wait_for_open_ports: localhost [389] timeout 300 2019-11-15T02:43:31Z DEBUG waiting for port: 389 2019-11-15T02:43:31Z DEBUG SUCCESS: port: 389 2019-11-15T02:43:31Z DEBUG Restart of dirsrv@TESTIPA-LAN.service complete 2019-11-15T02:43:31Z DEBUG Starting external process 2019-11-15T02:43:31Z DEBUG args=/bin/systemctl is-active dirsrv@TESTIPA-LAN.service 2019-11-15T02:43:31Z DEBUG Process finished, return code=0 2019-11-15T02:43:31Z DEBUG stdout=active
2019-11-15T02:43:31Z DEBUG stderr= 2019-11-15T02:43:31Z DEBUG Created connection context.ldap2_140092996027088 2019-11-15T02:43:31Z DEBUG duration: 5 seconds 2019-11-15T02:43:31Z DEBUG [26/44]: adding sasl mappings to the directory 2019-11-15T02:43:31Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket from SchemaCache 2019-11-15T02:43:31Z DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f69f0ab04d0> 2019-11-15T02:43:31Z DEBUG duration: 0 seconds 2019-11-15T02:43:31Z DEBUG [27/44]: adding default layout 2019-11-15T02:43:31Z DEBUG Starting external process 2019-11-15T02:43:31Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpFl0fLy -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:43:51Z DEBUG Process finished, return code=0 2019-11-15T02:43:51Z DEBUG stdout=add objectClass: top nsContainer add cn: accounts adding new entry "cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: users adding new entry "cn=users,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: groups adding new entry "cn=groups,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: services adding new entry "cn=services,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: computers adding new entry "cn=computers,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: hostgroups adding new entry "cn=hostgroups,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: ipservices adding new entry "cn=ipservices,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer add cn: alt adding new entry "cn=alt,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer add cn: ng adding new entry "cn=ng,cn=alt,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer add cn: automount adding new entry "cn=automount,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer add cn: default adding new entry "cn=default,cn=automount,dc=testipa,dc=lan" modify complete
add objectClass: automountMap add automountMapName: auto.master adding new entry "automountmapname=auto.master,cn=default,cn=automount,dc=testipa,dc=lan" modify complete
add objectClass: automountMap add automountMapName: auto.direct adding new entry "automountmapname=auto.direct,cn=default,cn=automount,dc=testipa,dc=lan" modify complete
add objectClass: automount add automountKey: /- add automountInformation: auto.direct add description: /- auto.direct adding new entry "description=/- auto.direct,automountmapname=auto.master,cn=default,cn=automount,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: hbac adding new entry "cn=hbac,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: hbacservices adding new entry "cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: hbacservicegroups adding new entry "cn=hbacservicegroups,cn=hbac,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: sudo adding new entry "cn=sudo,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: sudocmds adding new entry "cn=sudocmds,cn=sudo,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: sudocmdgroups adding new entry "cn=sudocmdgroups,cn=sudo,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: sudorules adding new entry "cn=sudorules,cn=sudo,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: etc adding new entry "cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: locations adding new entry "cn=locations,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: sysaccounts adding new entry "cn=sysaccounts,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: ipa adding new entry "cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: masters adding new entry "cn=masters,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: replicas adding new entry "cn=replicas,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: dna adding new entry "cn=dna,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: posix-ids adding new entry "cn=posix-ids,cn=dna,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: ca_renewal adding new entry "cn=ca_renewal,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: certificates adding new entry "cn=certificates,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: custodia adding new entry "cn=custodia,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: dogtag adding new entry "cn=dogtag,cn=custodia,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: s4u2proxy adding new entry "cn=s4u2proxy,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: ipaKrb5DelegationACL groupOfPrincipals top add cn: ipa-http-delegation add memberPrincipal: HTTP/ipa.testipa.lan@TESTIPA.LAN add ipaAllowedTarget: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,dc=testipa,dc=lan cn=ipa-cifs-delegation-targets,cn=s4u2proxy,cn=etc,dc=testipa,dc=lan adding new entry "cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: groupOfPrincipals top add cn: ipa-ldap-delegation-targets add memberPrincipal: ldap/ipa.testipa.lan@TESTIPA.LAN adding new entry "cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: groupOfPrincipals top add cn: ipa-cifs-delegation-targets adding new entry "cn=ipa-cifs-delegation-targets,cn=s4u2proxy,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: top person posixaccount krbprincipalaux krbticketpolicyaux inetuser ipaobject ipasshuser add uid: admin add krbPrincipalName: admin@TESTIPA.LAN add cn: Administrator add sn: Administrator add uidNumber: 1745600000 add gidNumber: 1745600000 add homeDirectory: /home/admin add loginShell: /bin/bash add gecos: Administrator add nsAccountLock: FALSE add ipaUniqueID: autogenerate adding new entry "uid=admin,cn=users,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames posixgroup ipausergroup ipaobject add cn: admins add description: Account administrators group add gidNumber: 1745600000 add member: uid=admin,cn=users,cn=accounts,dc=testipa,dc=lan add nsAccountLock: FALSE add ipaUniqueID: autogenerate adding new entry "cn=admins,cn=groups,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup ipausergroup ipaobject add description: Default group for all users add cn: ipausers add ipaUniqueID: autogenerate adding new entry "cn=ipausers,cn=groups,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames posixgroup ipausergroup ipaobject add gidNumber: 1745600002 add description: Limited admins who can edit other users add cn: editors add ipaUniqueID: autogenerate adding new entry "cn=editors,cn=groups,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top groupOfNames nestedGroup ipaobject ipahostgroup add description: IPA server hosts add cn: ipaservers add ipaUniqueID: autogenerate adding new entry "cn=ipaservers,cn=hostgroups,cn=accounts,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: sshd add description: sshd add ipauniqueid: autogenerate adding new entry "cn=sshd,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: ftp add description: ftp add ipauniqueid: autogenerate adding new entry "cn=ftp,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: su add description: su add ipauniqueid: autogenerate adding new entry "cn=su,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: login add description: login add ipauniqueid: autogenerate adding new entry "cn=login,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: su-l add description: su with login shell add ipauniqueid: autogenerate adding new entry "cn=su-l,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: sudo add description: sudo add ipauniqueid: autogenerate adding new entry "cn=sudo,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: sudo-i add description: sudo-i add ipauniqueid: autogenerate adding new entry "cn=sudo-i,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: systemd-user add description: pam_systemd and systemd user@.service add ipauniqueid: autogenerate adding new entry "cn=systemd-user,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: gdm add description: gdm add ipauniqueid: autogenerate adding new entry "cn=gdm,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: gdm-password add description: gdm-password add ipauniqueid: autogenerate adding new entry "cn=gdm-password,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipahbacservice ipaobject add cn: kdm add description: kdm add ipauniqueid: autogenerate adding new entry "cn=kdm,cn=hbacservices,cn=hbac,dc=testipa,dc=lan" modify complete
add objectClass: ipaobject ipahbacservicegroup nestedGroup groupOfNames top add cn: Sudo add ipauniqueid: autogenerate add description: Default group of Sudo related services add member: cn=sudo,cn=hbacservices,cn=hbac,dc=testipa,dc=lan cn=sudo-i,cn=hbacservices,cn=hbac,dc=testipa,dc=lan adding new entry "cn=Sudo,cn=hbacservicegroups,cn=hbac,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top ipaGuiConfig ipaConfigObject add ipaUserSearchFields: uid,givenname,sn,telephonenumber,ou,title add ipaGroupSearchFields: cn,description add ipaSearchTimeLimit: 2 add ipaSearchRecordsLimit: 100 add ipaHomesRootDir: /home add ipaDefaultLoginShell: /bin/sh add ipaDefaultPrimaryGroup: ipausers add ipaMaxUsernameLength: 32 add ipaPwdExpAdvNotify: 4 add ipaGroupObjectClasses: top groupofnames nestedgroup ipausergroup ipaobject add ipaUserObjectClasses: top person organizationalperson inetorgperson inetuser posixaccount krbprincipalaux krbticketpolicyaux ipaobject ipasshuser add ipaDefaultEmailDomain: testipa.lan add ipaMigrationEnabled: FALSE add ipaConfigString: AllowNThash KDC:Disable Last Success add ipaSELinuxUserMapOrder: guest_u:s0$xguest_u:s0$user_u:s0$staff_u:s0-s0:c0.c1023$sysadm_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023 add ipaSELinuxUserMapDefault: unconfined_u:s0-s0:c0.c1023 adding new entry "cn=ipaConfig,cn=etc,dc=testipa,dc=lan" modify complete
add objectclass: top nsContainer add cn: cosTemplates adding new entry "cn=cosTemplates,cn=accounts,dc=testipa,dc=lan" modify complete
add description: Password Policy based on group membership add objectClass: top ldapsubentry cosSuperDefinition cosClassicDefinition add cosTemplateDn: cn=cosTemplates,cn=accounts,dc=testipa,dc=lan add cosAttribute: krbPwdPolicyReference override add cosSpecifier: memberOf adding new entry "cn=Password Policy,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: selinux adding new entry "cn=selinux,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: usermap adding new entry "cn=usermap,cn=selinux,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: ranges adding new entry "cn=ranges,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: top ipaIDrange ipaDomainIDRange add cn: TESTIPA.LAN_id_range add ipaBaseID: 1745600000 add ipaIDRangeSize: 200000 add ipaRangeType: ipa-local adding new entry "cn=TESTIPA.LAN_id_range,cn=ranges,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: ca adding new entry "cn=ca,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: certprofiles adding new entry "cn=certprofiles,cn=ca,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: caacls adding new entry "cn=caacls,cn=ca,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: cas adding new entry "cn=cas,cn=ca,dc=testipa,dc=lan" modify complete
2019-11-15T02:43:51Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:43:51Z DEBUG duration: 20 seconds 2019-11-15T02:43:51Z DEBUG [28/44]: adding delegation layout 2019-11-15T02:43:51Z DEBUG Starting external process 2019-11-15T02:43:51Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpKdZVKw -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:44:12Z DEBUG Process finished, return code=0 2019-11-15T02:44:12Z DEBUG stdout=add objectClass: top nsContainer add cn: roles adding new entry "cn=roles,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: pbac adding new entry "cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: privileges adding new entry "cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: permissions adding new entry "cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: helpdesk add description: Helpdesk adding new entry "cn=helpdesk,cn=roles,cn=accounts,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: User Administrators add description: User Administrators adding new entry "cn=User Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Group Administrators add description: Group Administrators adding new entry "cn=Group Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Host Administrators add description: Host Administrators adding new entry "cn=Host Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Host Group Administrators add description: Host Group Administrators adding new entry "cn=Host Group Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Delegation Administrator add description: Role administration adding new entry "cn=Delegation Administrator,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: DNS Administrators add description: DNS Administrators adding new entry "cn=DNS Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: DNS Servers add description: DNS Servers adding new entry "cn=DNS Servers,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Service Administrators add description: Service Administrators adding new entry "cn=Service Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Automount Administrators add description: Automount Administrators adding new entry "cn=Automount Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Netgroups Administrators add description: Netgroups Administrators adding new entry "cn=Netgroups Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Certificate Administrators add description: Certificate Administrators adding new entry "cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Replication Administrators add description: Replication Administrators add member: cn=admins,cn=groups,cn=accounts,dc=testipa,dc=lan adding new entry "cn=Replication Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Host Enrollment add description: Host Enrollment adding new entry "cn=Host Enrollment,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Stage User Administrators add description: Stage User Administrators adding new entry "cn=Stage User Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames nestedgroup add cn: Stage User Provisioning add description: Stage User Provisioning adding new entry "cn=Stage User Provisioning,cn=privileges,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Add Replication Agreements add ipapermissiontype: SYSTEM add member: cn=Replication Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Add Replication Agreements,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Modify Replication Agreements add ipapermissiontype: SYSTEM add member: cn=Replication Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Modify Replication Agreements,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Read Replication Agreements add ipapermissiontype: SYSTEM add member: cn=Replication Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Read Replication Agreements,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Remove Replication Agreements add ipapermissiontype: SYSTEM add member: cn=Replication Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Remove Replication Agreements,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Modify DNA Range add ipapermissiontype: SYSTEM add member: cn=Replication Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Modify DNA Range,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add objectClass: top nsContainer add cn: virtual operations adding new entry "cn=virtual operations,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Retrieve Certificates from the CA add member: cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Retrieve Certificates from the CA,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add aci: (targetattr = "objectclass")(target = "ldap:///cn=retrieve certificate,cn=virtual operations,cn=etc,dc=testipa,dc=lan" )(version 3.0 ; acl "permission:Retrieve Certificates from the CA" ; allow (write) groupdn = "ldap:///cn=Retrieve Certificates from the CA,cn=permissions,cn=pbac,dc=testipa,dc=lan";) modifying entry "dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Request Certificate add member: cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Request Certificate,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add aci: (targetattr = "objectclass")(target = "ldap:///cn=request certificate,cn=virtual operations,cn=etc,dc=testipa,dc=lan" )(version 3.0 ; acl "permission:Request Certificate" ; allow (write) groupdn = "ldap:///cn=Request Certificate,cn=permissions,cn=pbac,dc=testipa,dc=lan";) modifying entry "dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Request Certificates from a different host add member: cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Request Certificates from a different host,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add aci: (targetattr = "objectclass")(target = "ldap:///cn=request certificate different host,cn=virtual operations,cn=etc,dc=testipa,dc=lan" )(version 3.0 ; acl "permission:Request Certificates from a different host" ; allow (write) groupdn = "ldap:///cn=Request Certificates from a different host,cn=permissions,cn=pbac,dc=testipa,dc=lan";) modifying entry "dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Get Certificates status from the CA add member: cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Get Certificates status from the CA,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add aci: (targetattr = "objectclass")(target = "ldap:///cn=certificate status,cn=virtual operations,cn=etc,dc=testipa,dc=lan" )(version 3.0 ; acl "permission:Get Certificates status from the CA" ; allow (write) groupdn = "ldap:///cn=Get Certificates status from the CA,cn=permissions,cn=pbac,dc=testipa,dc=lan";) modifying entry "dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Revoke Certificate add member: cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Revoke Certificate,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add aci: (targetattr = "objectclass")(target = "ldap:///cn=revoke certificate,cn=virtual operations,cn=etc,dc=testipa,dc=lan" )(version 3.0 ; acl "permission:Revoke Certificate"; allow (write) groupdn = "ldap:///cn=Revoke Certificate,cn=permissions,cn=pbac,dc=testipa,dc=lan";) modifying entry "dc=testipa,dc=lan" modify complete
add objectClass: top groupofnames ipapermission add cn: Certificate Remove Hold add member: cn=Certificate Administrators,cn=privileges,cn=pbac,dc=testipa,dc=lan adding new entry "cn=Certificate Remove Hold,cn=permissions,cn=pbac,dc=testipa,dc=lan" modify complete
add aci: (targetattr = "objectclass")(target = "ldap:///cn=certificate remove hold,cn=virtual operations,cn=etc,dc=testipa,dc=lan" )(version 3.0 ; acl "permission:Certificate Remove Hold"; allow (write) groupdn = "ldap:///cn=Certificate Remove Hold,cn=permissions,cn=pbac,dc=testipa,dc=lan";) modifying entry "dc=testipa,dc=lan" modify complete
2019-11-15T02:44:12Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:44:12Z DEBUG duration: 20 seconds 2019-11-15T02:44:12Z DEBUG [29/44]: creating container for managed entries 2019-11-15T02:44:12Z DEBUG Starting external process 2019-11-15T02:44:12Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpX_7TDG -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:44:32Z DEBUG Process finished, return code=0 2019-11-15T02:44:32Z DEBUG stdout=add objectClass: nsContainer top add cn: Managed Entries adding new entry "cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: Templates adding new entry "cn=Templates,cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
add objectClass: nsContainer top add cn: Definitions adding new entry "cn=Definitions,cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
2019-11-15T02:44:32Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:44:32Z DEBUG duration: 20 seconds 2019-11-15T02:44:32Z DEBUG [30/44]: configuring user private groups 2019-11-15T02:44:32Z DEBUG Starting external process 2019-11-15T02:44:32Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmprgFNql -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:44:52Z DEBUG Process finished, return code=0 2019-11-15T02:44:52Z DEBUG stdout=add objectclass: mepTemplateEntry add cn: UPG Template add mepRDNAttr: cn add mepStaticAttr: objectclass: posixgroup objectclass: ipaobject ipaUniqueId: autogenerate add mepMappedAttr: cn: $uid gidNumber: $uidNumber description: User private group for $uid adding new entry "cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
add objectclass: extensibleObject add cn: UPG Definition add originScope: cn=users,cn=accounts,dc=testipa,dc=lan add originFilter: (&(objectclass=posixAccount)(!(description=no_upg))) add managedBase: cn=groups,cn=accounts,dc=testipa,dc=lan add managedTemplate: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,dc=testipa,dc=lan adding new entry "cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
2019-11-15T02:44:52Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:44:52Z DEBUG duration: 20 seconds 2019-11-15T02:44:52Z DEBUG [31/44]: configuring netgroups from hostgroups 2019-11-15T02:44:52Z DEBUG Starting external process 2019-11-15T02:44:52Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpYCtp0H -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:45:12Z DEBUG Process finished, return code=0 2019-11-15T02:45:12Z DEBUG stdout=add objectclass: mepTemplateEntry add cn: NGP HGP Template add mepRDNAttr: cn add mepStaticAttr: ipaUniqueId: autogenerate objectclass: ipanisnetgroup objectclass: ipaobject nisDomainName: testipa.lan add mepMappedAttr: cn: $cn memberHost: $dn description: ipaNetgroup $cn adding new entry "cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
add objectclass: extensibleObject add cn: NGP Definition add originScope: cn=hostgroups,cn=accounts,dc=testipa,dc=lan add originFilter: objectclass=ipahostgroup add managedBase: cn=ng,cn=alt,dc=testipa,dc=lan add managedTemplate: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,dc=testipa,dc=lan adding new entry "cn=NGP Definition,cn=Definitions,cn=Managed Entries,cn=etc,dc=testipa,dc=lan" modify complete
2019-11-15T02:45:12Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:45:12Z DEBUG duration: 20 seconds 2019-11-15T02:45:12Z DEBUG [32/44]: creating default Sudo bind user 2019-11-15T02:45:12Z DEBUG Starting external process 2019-11-15T02:45:12Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpibBmL7 -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:45:32Z DEBUG Process finished, return code=0 2019-11-15T02:45:32Z DEBUG stdout=add objectclass: account simplesecurityobject add uid: sudo add userPassword: XXXXXXXX add passwordExpirationTime: 20380119031407Z add nsIdleTimeout: 0 adding new entry "uid=sudo,cn=sysaccounts,cn=etc,dc=testipa,dc=lan" modify complete
2019-11-15T02:45:32Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:45:32Z DEBUG duration: 20 seconds 2019-11-15T02:45:32Z DEBUG [33/44]: creating default Auto Member layout 2019-11-15T02:45:32Z DEBUG Starting external process 2019-11-15T02:45:32Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpRYuxf2 -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:45:52Z DEBUG Process finished, return code=0 2019-11-15T02:45:52Z DEBUG stdout=add nsslapd-pluginConfigArea: cn=automember,cn=etc,dc=testipa,dc=lan modifying entry "cn=Auto Membership Plugin,cn=plugins,cn=config" modify complete
add objectClass: top nsContainer add cn: automember adding new entry "cn=automember,cn=etc,dc=testipa,dc=lan" modify complete
add objectclass: autoMemberDefinition add cn: Hostgroup add autoMemberScope: cn=computers,cn=accounts,dc=testipa,dc=lan add autoMemberFilter: objectclass=ipaHost add autoMemberGroupingAttr: member:dn adding new entry "cn=Hostgroup,cn=automember,cn=etc,dc=testipa,dc=lan" modify complete
add objectclass: autoMemberDefinition add cn: Group add autoMemberScope: cn=users,cn=accounts,dc=testipa,dc=lan add autoMemberFilter: objectclass=posixAccount add autoMemberGroupingAttr: member:dn adding new entry "cn=Group,cn=automember,cn=etc,dc=testipa,dc=lan" modify complete
2019-11-15T02:45:52Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:45:52Z DEBUG duration: 20 seconds 2019-11-15T02:45:52Z DEBUG [34/44]: adding range check plugin 2019-11-15T02:45:52Z DEBUG Starting external process 2019-11-15T02:45:52Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpws2PCr -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:46:12Z DEBUG Process finished, return code=0 2019-11-15T02:46:12Z DEBUG stdout=add objectclass: top nsSlapdPlugin extensibleObject add cn: IPA Range-Check add nsslapd-pluginpath: libipa_range_check add nsslapd-plugininitfunc: ipa_range_check_init add nsslapd-plugintype: preoperation add nsslapd-pluginenabled: on add nsslapd-pluginid: ipa_range_check_version add nsslapd-pluginversion: 1.0 add nsslapd-pluginvendor: Red Hat, Inc. add nsslapd-plugindescription: IPA Range-Check plugin add nsslapd-plugin-depends-on-type: database add nsslapd-basedn: dc=testipa,dc=lan adding new entry "cn=IPA Range-Check,cn=plugins,cn=config" modify complete
2019-11-15T02:46:12Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:46:12Z DEBUG duration: 20 seconds 2019-11-15T02:46:12Z DEBUG [35/44]: creating default HBAC rule allow_all 2019-11-15T02:46:12Z DEBUG Starting external process 2019-11-15T02:46:12Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpkejr9N -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:46:32Z DEBUG Process finished, return code=0 2019-11-15T02:46:32Z DEBUG stdout=add objectclass: ipaassociation ipahbacrule add cn: allow_all add accessruletype: allow add usercategory: all add hostcategory: all add servicecategory: all add ipaenabledflag: TRUE add description: Allow all users to access any host from any host add ipauniqueid: autogenerate adding new entry "ipauniqueid=autogenerate,cn=hbac,dc=testipa,dc=lan" modify complete
add objectclass: ipaassociation ipahbacrule add cn: allow_systemd-user add accessruletype: allow add usercategory: all add hostcategory: all add memberService: cn=systemd-user,cn=hbacservices,cn=hbac,dc=testipa,dc=lan add ipaenabledflag: TRUE add description: Allow pam_systemd to run user@.service to create a system user session add ipauniqueid: autogenerate adding new entry "ipauniqueid=autogenerate,cn=hbac,dc=testipa,dc=lan" modify complete
2019-11-15T02:46:32Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:46:32Z DEBUG duration: 20 seconds 2019-11-15T02:46:32Z DEBUG [36/44]: adding entries for topology management 2019-11-15T02:46:32Z DEBUG Starting external process 2019-11-15T02:46:32Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpKGovyT -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:46:52Z DEBUG Process finished, return code=0 2019-11-15T02:46:52Z DEBUG stdout=add objectclass: top nsContainer add cn: topology adding new entry "cn=topology,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
add objectclass: top iparepltopoconf add ipaReplTopoConfRoot: dc=testipa,dc=lan add nsDS5ReplicatedAttributeList: (objectclass=) $ EXCLUDE memberof idnssoaserial entryusn krblastsuccessfulauth krblastfailedauth krbloginfailedcount add nsDS5ReplicatedAttributeListTotal: (objectclass=) $ EXCLUDE entryusn krblastsuccessfulauth krblastfailedauth krbloginfailedcount add nsds5ReplicaStripAttrs: modifiersName modifyTimestamp internalModifiersName internalModifyTimestamp add cn: domain adding new entry "cn=domain,cn=topology,cn=ipa,cn=etc,dc=testipa,dc=lan" modify complete
2019-11-15T02:46:52Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:46:52Z DEBUG duration: 20 seconds 2019-11-15T02:46:52Z DEBUG [37/44]: initializing group membership 2019-11-15T02:46:52Z DEBUG Starting external process 2019-11-15T02:46:52Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpxuIlTs -H ldapi://%2fvar%2frun%2fslapd-TESTIPA-LAN.socket -Y EXTERNAL 2019-11-15T02:47:12Z DEBUG Process finished, return code=0 2019-11-15T02:47:12Z DEBUG stdout=add objectClass: top extensibleObject add cn: IPA install add basedn: dc=testipa,dc=lan add filter: (objectclass=*) add ttl: 10 adding new entry "cn=IPA install 1573785362, cn=memberof task, cn=tasks, cn=config" modify complete
2019-11-15T02:47:12Z DEBUG stderr=ldap_initialize( ldapi://%2Fvar%2Frun%2Fslapd-TESTIPA-LAN.socket/??base ) SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
2019-11-15T02:47:12Z DEBUG Waiting for memberof task to complete. 2019-11-15T02:47:33Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 567, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 557, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 712, in init_memberof replication.wait_for_task(conn, dn) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 171, in wait_for_task entry = conn.get_entry(dn, attrlist) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1565, in get_entry size_limit=size_limit, get_effective_rights=get_effective_rights, File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1377, in get_entries **kwargs) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1515, in find_entries break File "/usr/lib64/python2.7/contextlib.py", line 35, in exit self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1026, in error_handler raise errors.NotFound(reason=arg_desc or 'no such entry') NotFound: no such entry
2019-11-15T02:47:33Z DEBUG [error] NotFound: no such entry 2019-11-15T02:47:33Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 319, in run return cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 360, in run return self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 386, in execute for rval in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 431, in runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 460, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 450, in _handle_exception six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 418, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 655, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 431, in __runner exc_handler(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 460, in _handle_execute_exception self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 450, in _handle_exception six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 515, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 450, in _handle_exception six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 418, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 65, in _install for unused in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/init.py", line 590, in main master_install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 250, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 783, in install setup_pkinit=not options.no_pkinit) File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 345, in create_instance self.start_creation(runtime=30) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 567, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 557, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 712, in init_memberof replication.wait_for_task(conn, dn) File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 171, in wait_for_task entry = conn.get_entry(dn, attrlist) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1565, in get_entry size_limit=size_limit, get_effective_rights=get_effective_rights, File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1377, in get_entries *kwargs) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1515, in find_entries break File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1026, in error_handler raise errors.NotFound(reason=arg_desc or 'no such entry')
The installation fails in step initializing group membership because the task entry is already garbage collected before the installer is able to retrieve the entry:
initializing group membership
2019-11-15T02:47:12Z DEBUG ... adding new entry "cn=IPA install 1573785362, cn=memberof task, cn=tasks, cn=config" 2019-11-15T02:47:12Z DEBUG Waiting for memberof task to complete. 2019-11-15T02:47:33Z DEBUG Traceback (most recent call last): ... File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 171, in wait_for_task ... NotFound: no such entry
What kind of hardware are you using? The installation started at 02:30:40Z and fails at 02:47:33Z during DS installation. That's way over 15 minutes. On a typical server machine the step is reached after 40-50 seconds.
I'm closing the issue because we haven't got a reply in three weeks. The issue is likely caused by too slow hardware.
Metadata Update from @cheimes: - Issue close_status updated to: insufficientinfo - Issue status updated to: Closed (was: Open)
Hello Christian
I'm sorry I didn't have time to respond. Thank you for the help. We've decided to simply deploy with integrated DNS. Had no issues as a result.
On Tue, Dec 10, 2019 at 12:39 AM Christian Heimes pagure@pagure.io wrote:
cheimes added a new comment to an issue you are following: I'm closing the issue because we haven't got a reply in three weeks. The issue is likely caused by too slow hardware. To reply, visit the link below or just reply to this email https://pagure.io/freeipa/issue/8119
cheimes added a new comment to an issue you are following: I'm closing the issue because we haven't got a reply in three weeks. The issue is likely caused by too slow hardware.
To reply, visit the link below or just reply to this email https://pagure.io/freeipa/issue/8119
Login to comment on this ticket.