zwolfinger(a)campaignmonitor.com wrote:
> On September 10, 2018 at 1:16:20 PM, Rob Crittenden (rcritten(a)redhat.com
> <mailto:rcritten@redhat.com>) wrote:
>> Zak Wolfinger via FreeIPA-users wrote:
>> > Please Help!
>> >
>> > Running FreeIPA 4.5.4 under Centos 7.
>> >
>> > We have 3 FreeIPA replicas called auth01, auth02, and auth03. All are
>> > masters. Auth02 and Auth03 replicate to / from Auth01 only.
>> >
>> > Auth01 is DOWN.
>> >
>> > When I try to start it, here is what I see:
>> >
>> > # ipactl start
>> > Existing service file detected!
>> > Assuming stale, cleaning and proceeding
>> > Starting Directory Service
>> > Failed to read data from service file: Unknown error when retrieving
>> > list of services from LDAP: [Errno 22] Invalid argument
>> > Shutting down
>> >
>> > I’m not seeing anything obvious in the logs files, no am I finding
>> > anything interesting on that error message via google. Can anyone help
>> > me troubleshoot this, please?
>>
>> Try starting dirsrv manually using systemctl.
>>
>> rob
>
>
> Thanks rob, I get this:
>
>
> /bin/systemctl start dirsrv(a)INT.service
>
> [root@auth01 ~]#
>
> [root@auth01 ~]# ipactl status
>
> Unknown error when retrieving list of services from LDAP: [Errno 22]
> Invalid argument
>
> [root@auth01 ~]# ps aux | grep dirsrv
>
> dirsrv 21957 64.6 0.8 1541076 141044 ? Ssl 13:42 0:49
> /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-INT -i /var/run/dirsrv/slapd-INT.pid
>
What it's doing here is waiting for the port to accept connections and
then trying to find the list of services.
I'd start by looking at the access log in
/var/log/dirsrv/slapd-INT/access to see what the last set of queries was
and what the response(s) were.
You can try duplicating that search ipactl is doing from the commandline:
$ ldapsearch -x -D 'cn=directory manager' -W -b
cn=`hostname`,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
"(ipaConfigString=enabledService)" cn ipaConfigString
rob