Friday, March 23, 2018

[389-users] Re: a replication problem

On 03/23/2018 12:07 AM, Sergei Gerasenko wrote:
> The error I'm basically getting is:
> [23/Mar/2018:03:23:29.461074995 +0000] - ERR - NSMMReplicationPlugin - bind_and_check_pwp - agmt="cn=HOST1-to-HOST2" (ipa203:389) - Replication bind with GSSAPI auth failed: LDAP error 49 (Invalid credentials) ()
> Any ideas?
GSSAPI authentication is failing.  Wrong principle name in agreement? 
KDC issue? I don't know, but that's what the error means.  It could also
be a red herring as it typically does recover (it logs something like
"auth resumed").  We need to see more logging from the errors log.
>> On Mar 22, 2018, at 5:05 PM, Sergei Gerasenko <> wrote:
>> Hi guys,
>> I ran into a rather significant problem. I needed to rebuild two nodes in my topology and re-include them under the same hostnames. What I'm seeing now is that the replication to these new nodes is broken. Replication from them seems to work. I suspect that we have some stale metadata somewhere in the topology whereby the old nodes are still present somewhere in the agreements under other ids?
>> What's the best way to troubleshoot this?
>> Thanks again,
>> Sergei
> _______________________________________________
> 389-users mailing list --
> To unsubscribe send an email to
389-users mailing list --
To unsubscribe send an email to

No comments:

Post a Comment