Issue #9076: Replica install fails due nonexisting RID ranges - freeipa

freeipa

#9076 Replica install fails due nonexisting RID ranges

Opened 2 years ago by wolas. Modified 2 years ago

Replica install fails due nonexisting RID ranges

https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/GAE2BYGL2IRXEW37KBBGGMROKIY5LETL/

I didint enable adrust or installed related packages, I dont use samba shares
either on existing installation.
I wanted to create additional replica, during install it asked what is NETBIOS name and if
I want to generate SID identifiers for users (answered no) then process failed with
errors below.

Expected behavior

replica install successfully (and it did like year ago)

Version/Release/Distribution

ipa-server-4.9.6-10.module_el8.5.0+1055+c415bbe9.x86_6

ipa idrange-find --all --raw

5 ranges matched

dn: cn=GS.INT.XX.XX_id_range,cn=ranges,cn=etc,dc=int,dc=xx,dc=xx,
cn: GS.INT.XX.XX_id_range
ipabaseid: 1200000000
ipaidrangesize: 9999
iparangetype: ipa-local
objectclass: ipaIDrange
objectclass: ipadomainidrange

dn: cn=INT.XX.XX_id_range,cn=ranges,cn=etc,dc=int,dc=xx,dc=xx,
cn: INT.XX.XX_id_range
ipabaseid: 1558400000
ipaidrangesize: 200000
iparangetype: ipa-local
objectclass: top
objectclass: ipaIDrange
objectclass: ipaDomainIDRange

dn: cn=IT.INT.XX.XX_id_range,cn=ranges,cn=etc,dc=int,dc=xx,dc=xx,
cn: IT.INT.XX.XX_id_range
ipabaseid: 40000
ipaidrangesize: 9999
iparangetype: ipa-local
objectclass: ipaIDrange
objectclass: ipadomainidrange

dn: cn=RB.INT.XX.XX_id_range,cn=ranges,cn=etc,dc=int,dc=xx,dc=xx,
cn: RB.INT.XX.XX_id_range
ipabaseid: 1300000000
ipaidrangesize: 9999
iparangetype: ipa-local
objectclass: ipaIDrange
objectclass: ipadomainidrange

dn: cn=UN.INT.XX.XX_id_range,cn=ranges,cn=etc,dc=int,dc=xx,dc=xx,
cn: UN.INT.XX.XX_id_range
ipabaseid: 1100000000
ipaidrangesize: 99999
iparangetype: ipa-local
objectclass: ipaIDrange
objectclass: ipadomainidrange

Number of entries returned 5

Logs

Configuring SID generation
[1/7]: creating samba domain object
Samba domain object already exists
[2/7]: adding admin(group) SIDs
Admin SID already set, nothing to do
Admin group SID already set, nothing to do
[3/7]: adding RID bases
Found more than one local domain ID range with no RID base set.
[error] RuntimeError: Too many ID ranges

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.

Too many ID ranges

2021-12-27T17:56:04Z DEBUG [2/7]: adding admin(group) SIDs
2021-12-27T17:56:04Z DEBUG Admin SID already set, nothing to do
2021-12-27T17:56:04Z DEBUG Admin group SID already set, nothing to do
2021-12-27T17:56:04Z DEBUG step duration: SID generation __add_admin_sids 0.00 sec
2021-12-27T17:56:04Z DEBUG [3/7]: adding RID bases
2021-12-27T17:56:04Z CRITICAL Found more than one local domain ID range with no RID base
set.
2021-12-27T17:56:04Z DEBUG Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", line
635, in start_creation
run_step(full_msg, method)
File "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", line
621, in run_step
method()
File "/usr/lib/python3.6/site-packages/ipaserver/install/adtrustinstance.py",
line 380, in __add_rid_bases
raise RuntimeError("Too many ID ranges\n")
RuntimeError: Too many ID ranges

2021-12-27T17:56:04Z DEBUG [error] RuntimeError: Too many ID ranges

2021-12-27T17:56:04Z DEBUG File
"/usr/lib/python3.6/site-packages/ipapython/admintool.py", line 180, in execute
return_value = self.run()
File "/usr/lib/python3.6/site-packages/ipapython/install/cli.py", line 342, in
run
return cfgr.run()
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 360,
in run
return self.execute()
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 386,
in execute
for rval in self._executor():
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 431,
in runner
exc_handler(exc_info)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 460,
in _handle_execute_exception
self._handle_exception(exc_info)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 450,
in _handle_exception
six.reraise(exc_info)
File "/usr/lib/python3.6/site-packages/six.py", line 693, in reraise
raise value
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 421,
in __runner
step()
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 418,
in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python3.6/site-packages/ipapython/install/util.py", line 81, in
run_generator_with_yield_from
six.reraise(exc_info)
File "/usr/lib/python3.6/site-packages/six.py", line 693, in reraise
raise value
File "/usr/lib/python3.6/site-packages/ipapython/install/util.py", line 59, in
run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 655,
in _configure
next(executor)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 431,
in __runner
exc_handler(exc_info)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 460,
in _handle_execute_exception
self._handle_exception(exc_info)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 518,
in _handle_exception
self.__parent._handle_exception(exc_info)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 450,
in _handle_exception
six.reraise(exc_info)
File "/usr/lib/python3.6/site-packages/six.py", line 693, in reraise
raise value
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 515,
in _handle_exception
super(ComponentBase, self)._handle_exception(exc_info)
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 450,
in _handle_exception
six.reraise(exc_info)
File "/usr/lib/python3.6/site-packages/six.py", line 693, in reraise
raise value
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 421,
in __runner
step()
File "/usr/lib/python3.6/site-packages/ipapython/install/core.py", line 418,
in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python3.6/site-packages/ipapython/install/util.py", line 81, in
run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python3.6/site-packages/six.py", line 693, in reraise
raise value
File "/usr/lib/python3.6/site-packages/ipapython/install/util.py", line 59, in
run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python3.6/site-packages/ipapython/install/common.py", line 65,
in _install
for unused in self._installer(self.parent):
File "/usr/lib/python3.6/site-packages/ipaserver/install/server/__init.py",
line 603, in main
replica_install(self)
File
"/usr/lib/python3.6/site-packages/ipaserver/install/server/replicainstall.py",
line 401, in decorated
func(installer)
File
"/usr/lib/python3.6/site-packages/ipaserver/install/server/replicainstall.py",
line 1371, in install
adtrust.install(False, options, fstore, api)
File "/usr/lib/python3.6/site-packages/ipaserver/install/adtrust.py", line
483, in install
smb.create_instance()
File "/usr/lib/python3.6/site-packages/ipaserver/install/adtrustinstance.py",
line 895, in create_instance
self.start_creation(show_service_name=False)
File "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", line
635, in start_creation
run_step(full_msg, method)
File "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", line
621, in run_step
method()
File "/usr/lib/python3.6/site-packages/ipaserver/install/adtrustinstance.py",
line 380, in __add_rid_bases
raise RuntimeError("Too many ID ranges\n")

2021-12-27T17:56:04Z DEBUG The ipa-replica-install command failed, exception:
RuntimeError: Too many ID ranges

2021-12-27T17:56:04Z ERROR Too many ID ranges

2dfox commented 2 years ago

I too am getting this error.

2022-06-27T15:15:40Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Too many ID ranges
2022-06-27T15:15:40Z ERROR Too many ID ranges
2022-06-27T15:15:40Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information

2 ranges matched

dn: cn=STREAMTECH.IO_id_range,cn=ranges,cn=etc,dc=streamtech,dc=io
cn: STREAMTECH.IO_id_range
ipabaseid: 589600000
ipaidrangesize: 200000
iparangetype: ipa-local
objectclass: top
objectclass: ipaIDrange
objectclass: ipaDomainIDRange

dn: cn=STREAMTECH.IO_id_range2,cn=ranges,cn=etc,dc=streamtech,dc=io
cn: STREAMTECH.IO_id_range2
ipabaseid: 10000
ipaidrangesize: 100000
iparangetype: ipa-local
objectclass: ipaIDrange
objectclass: ipadomainidrange

Number of entries returned 2

rcritten commented 2 years ago

A workaround is mentioned in this mail thread: https://www.mail-archive.com/freeipa-users@lists.fedorahosted.org/msg13939.html

Red Hat Enterprise Linux subscribers can use this KCS solution https://access.redhat.com/solutions/6957393

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#9076 Replica install fails due nonexisting RID ranges Opened 2 years ago by wolas. Modified 2 years ago

Close issue as:

Expected behavior

Version/Release/Distribution

ipa idrange-find --all --raw

5 ranges matched

Number of entries returned 5

2 ranges matched

Number of entries returned 2

Metadata

#9076 Replica install fails due nonexisting RID ranges

Opened 2 years ago by wolas. Modified 2 years ago