Hello World!
I got an installation with FreeIPA server 4.2.4 in Fedora 23 and all worked fine
I decided to upgrade to Fedora 25 via dnf-upgrade-plugin
All the upgrade proc goes smooth and as a result my freeipa rpm packages also upgraded (from 4.2.4 to 4.4.4)
Now, the problem is that nothing works now.
The command "ipa-server-upgrade" shows:
IPA server upgrade failed: Inspect /var/log/ipaupgrade.log and run command ipa-server-upgrade manually. Timeout exceeded The ipa-server-upgrade command failed. See /var/log/ipaupgrade.log for more information
I attach the appropriate logs:
/var/log/ipaupgrade.log 2017-06-29T14:55:06Z DEBUG duration: 0 seconds 2017-06-29T14:55:06Z DEBUG [10/10]: starting directory server 2017-06-29T14:55:06Z DEBUG Starting external process 2017-06-29T14:55:06Z DEBUG args=/bin/systemctl start dirsrv@xxx.service 2017-06-29T14:55:09Z DEBUG Process finished, return code=0 2017-06-29T14:55:09Z DEBUG stdout= 2017-06-29T14:55:09Z DEBUG stderr= 2017-06-29T14:55:09Z DEBUG Starting external process 2017-06-29T14:55:09Z DEBUG args=/bin/systemctl is-active dirsrv@xxx.service 2017-06-29T14:55:09Z DEBUG Process finished, return code=0 2017-06-29T14:55:09Z DEBUG stdout=active
2017-06-29T14:55:09Z DEBUG stderr= 2017-06-29T14:55:09Z DEBUG wait_for_open_ports: localhost [389] timeout 300
/var/log/dirsrv/.../errors.log [29/Jun/2017:17:57:21.091850887 +0300] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 110 (Connection timed out) [29/Jun/2017:17:58:18.114145058 +0300] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 107 (Transport endpoint is not connected) [29/Jun/2017:17:58:42.135719951 +0300] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 110 (Connection timed out) [29/Jun/2017:18:01:30.160763487 +0300] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 107 (Transport endpoint is not connected) [29/Jun/2017:18:01:54.183552684 +0300] slapi_ldap_bind - Error: could not send startTLS request: error -1 (Can't contact LDAP server) errno 110 (Connection timed out)
/var/log/krb5kdc.log Jun 29 17:54:08 ipa1.srv.xxx.com krb5kdc[1335](info): AS_REQ (6 etypes {18 17 16 23 25 26}) x.x.x.x: ISSUE: authtime 1498748048, etypes {rep=18 tkt=18 ses=18}, ldap/ipa1.srv.xxx.com@SRV.xxx.COM for krbtgt/SRV.xxx.COM@SRV.xxx.COM Jun 29 17:54:08 ipa1.srv.xxx.com krb5kdc[1335](info): closing down fd 4 Jun 29 17:55:08 ipa1.srv.xxx.com krb5kdc[1335](info): AS_REQ (6 etypes {18 17 16 23 25 26}) x.x.x.x: LOOKING_UP_CLIENT: ldap/ipa1.srv.xxx.com@SRV.xxx.COM for krbtgt/SRV.xxx.COM@SRV.xxx.COM, Server error Jun 29 17:55:08 ipa1.srv.xxx.com krb5kdc[1335](info): closing down fd 4 Jun 29 17:55:08 ipa1.srv.xxx.com krb5kdc[1335](info): AS_REQ (6 etypes {18 17 16 23 25 26}) x.x.x.x: LOOKING_UP_CLIENT: ldap/ipa1.srv.xxx.com@SRV.xxx.COM for krbtgt/SRV.xxx.COM@SRV.xxx.COM, Server error Jun 29 17:55:08 ipa1.srv.xxx.com krb5kdc[1335](info): closing down fd 4 Jun 29 17:55:24 ipa1.srv.xxx.com krb5kdc[1335](info): AS_REQ (6 etypes {18 17 16 23 25 26}) x.x.x.x: NEEDED_PREAUTH: ldap/ipa1.srv.xxx.com@SRV.xxx.COM for krbtgt/SRV.xxx.COM@SRV.xxx.COM, Additional pre-authentication required Jun 29 17:55:24 ipa1.srv.xxx.com krb5kdc[1335](info): closing down fd 4 Jun 29 17:55:24 ipa1.srv.xxx.com krb5kdc[1335](info): AS_REQ (6 etypes {18 17 16 23 25 26}) x.x.x.x: ISSUE: authtime 1498748124, etypes {rep=18 tkt=18 ses=18}, ldap/ipa1.srv.xxx.com@SRV.xxx.COM for krbtgt/SRV.xxx.COM@SRV.xxx.COM Jun 29 17:55:24 ipa1.srv.xxx.com krb5kdc[1335](info): closing down fd 4
I have tried different ways of making command "ipa-server-upgrade" complete its job but nothing worked.
Any Ideas ? :(
freeipa-users@lists.fedorahosted.org