hi
having a client installed now I attempt to install a replica.. .. host already exists. It needs to be removed. Run this command: %% ipa-replica-manage del rider.private.ccnr.ceb.private.cam.ac.uk --force
which I do, I go to first master and I do as recommend, and on candidate replica again I do, but this time.. .. ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR Major (851968): Unspecified GSS failure. Minor code may provide more information, Minor (2529638918): Client 'host/rider.private.ccnr.ceb.private.cam.ac.uk@PRIVATE' not found in Kerberos database ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR
on first master I do: $ ipa host-find ; and yes, there no host so I need to do client re-installation, right? Is this intended & expected? Or is this some weird bug?
many thanks, L.
On 04/07/2018 04:52 PM, lejeczek via FreeIPA-users wrote:
hi
having a client installed now I attempt to install a replica.. .. host already exists. It needs to be removed. Run this command: %% ipa-replica-manage del rider.private.ccnr.ceb.private.cam.ac.uk --force
which I do, I go to first master and I do as recommend, and on candidate replica again I do, but this time.. .. ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR Major (851968): Unspecified GSS failure. Minor code may provide more information, Minor (2529638918): Client 'host/rider.private.ccnr.ceb.private.cam.ac.uk@PRIVATE' not found in Kerberos database ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR
on first master I do: $ ipa host-find ; and yes, there no host so I need to do client re-installation, right? Is this intended & expected? Or is this some weird bug?
many thanks, L. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Hi,
if you are promoting a host from client to replica and there was already a replica with the same name (visible with ipa-replica-manage list), it is expected that the ipa-replica-install command fails.
The correct procedure to recover is to completely delete the replica: (on replica) ipa-server-install --uninstall -U (on master) ipa-replica-manage list If the above command returns the replica, (on master) ipa-replica-manage del <replica> --force
and then retry the replica installation. Note that you can either: - install the client then promote to replica: ipa-client-install <client_options> ipa-replica-install <replica_options> - or do both operations in a single step: ipa-replica-install <client_options> <replica_options> (see DOMAIN LEVEL 1 CLIENT ENROLLMENT OPTIONS in the man page for ipa-replica-install).
Which command is triggering the Unspecified GSS failure in your case?
HTH, Flo
freeipa-users@lists.fedorahosted.org