On 03/23/2018 12:07 AM, Sergei Gerasenko wrote:
> The error I'm basically getting is:
>
> [23/Mar/2018:03:23:29.461074995 +0000] - ERR - NSMMReplicationPlugin - bind_and_check_pwp - agmt="cn=HOST1-to-HOST2" (ipa203:389) - Replication bind with GSSAPI auth failed: LDAP error 49 (Invalid credentials) ()
>
> Any ideas?
GSSAPI authentication is failing. Wrong principle name in agreement?
KDC issue? I don't know, but that's what the error means. It could also
be a red herring as it typically does recover (it logs something like
"auth resumed"). We need to see more logging from the errors log.
>
>> On Mar 22, 2018, at 5:05 PM, Sergei Gerasenko <gerases@gmail.com> wrote:
>>
>> Hi guys,
>>
>> I ran into a rather significant problem. I needed to rebuild two nodes in my topology and re-include them under the same hostnames. What I'm seeing now is that the replication to these new nodes is broken. Replication from them seems to work. I suspect that we have some stale metadata somewhere in the topology whereby the old nodes are still present somewhere in the agreements under other ids?
>>
>> What's the best way to troubleshoot this?
>>
>> Thanks again,
>> Sergei
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
No comments:
Post a Comment