n keytab [FILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC for requested realm) I think it's stuck here. What do I need to do with this
less /var/log/dirsrv/slapd-YYDEVOPS-COM/error [15/Jun/2022:19:39:48 +0800] - SSL alert: Security Initialization: Enabling default cipher set. [15/Jun/2022:19:39:48 +0800] - SSL alert: Configured NSS Ciphers [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_AES_128_GCM_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_CHACHA20_POLY1305_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_AES_256_GCM_SHA384: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_RSA_WITH_AES_128_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_DSS_WITH_AES_128_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_RSA_WITH_AES_256_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_DSS_WITH_AES_256_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_RSA_WITH_AES_128_GCM_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_RSA_WITH_AES_128_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_RSA_WITH_AES_128_CBC_SHA256: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_RSA_WITH_AES_256_CBC_SHA: enabled [15/Jun/2022:19:39:48 +0800] - SSL alert: TLS_RSA_WITH_AES_256_CBC_SHA256: enabled [15/Jun/2022:19:39:48 +0800] SSL Initialization - Configured SSL version range: min: TLS1.0, max: TLS1.2 [15/Jun/2022:19:39:48 +0800] - 389-Directory/1.3.4.9 B2016.109.158 starting up [15/Jun/2022:19:39:48 +0800] - Setting ncache to: 7 to keep each chunk below 4Gbytes [15/Jun/2022:19:39:48 +0800] - Detected Disorderly Shutdown last time Directory Server was running, recovering database. [15/Jun/2022:19:39:53 +0800] schema-compat-plugin - scheduled schema-compat-plugin tree scan in about 5 seconds after the server startup! [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=dns,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=keys,cn=sec,cn=dns,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=dns,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=dns,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=groups,cn=compat,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=computers,cn=compat,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=ng,cn=compat,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target ou=sudoers,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=users,cn=compat,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=vaults,cn=kra,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=dns,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=ad,cn=etc,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=casigningcert cert-pki-ca,cn=ca_renewal,cn=ipa,cn=etc,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=casigningcert cert-pki-ca,cn=ca_renewal,cn=ipa,cn=etc,dc=yydevops,dc=com does not exist [15/Jun/2022:19:39:53 +0800] NSACLPlugin - The ACL target cn=automember rebuild membership,cn=tasks,cn=config does not exist [15/Jun/2022:19:39:53 +0800] NSMMReplicationPlugin - CleanAllRUV Task: cleanAllRUV task found, resuming the cleaning of rid(53)... [15/Jun/2022:19:39:53 +0800] NSMMReplicationPlugin - replica_check_for_data_reload: Warning: disordely shutdown for replica dc=yydevops,dc=com. Check if DB RUV needs to be updated [15/Jun/2022:19:39:53 +0800] NSMMReplicationPlugin - ruv_covers_csn: replica for id 22 not found. [15/Jun/2022:19:39:53 +0800] set_krb5_creds - Could not get initial credentials for principal [ldap/fs-hiido-kerberos-21-117-149.hiido.host.yydevops....@yydevops.com] in keytab [FILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC for requested realm) [15/Jun/2022:19:39:53 +0800] set_krb5_creds - Could not get initial credentials for principal [ldap/fs-hiido-kerberos-21-117-149.hiido.host.yydevops....@yydevops.com] in keytab [FILE:/etc/dirsrv/ds.keytab]: -1765328228 (Cannot contact any KDC for requested realm) [15/Jun/2022:19:39:53 +0800] NSMMReplicationPlugin - replica_check_for_data_reload: Warning: disordely shutdown for replica o=ipaca. Check if DB RUV needs to be updated [15/Jun/2022:19:39:53 +0800] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -1 (Can't contact LDAP server) ((null)) errno 107 (Transport endpoint is not connected) [15/Jun/2022:19:39:53 +0800] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -1 (Can't contact LDAP server) [15/Jun/2022:19:39:53 +0800] NSMMReplicationPlugin - agmt="cn=meTofs-hiido-kerberos-ca-02.hiido.host.yydevops.com" (fs-hiido-kerberos-ca-02:389): Replication bind with GSSAPI auth failed: LDAP error -1 (Can't contact LDAP server) () [15/Jun/2022:19:39:53 +0800] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No Kerberos credentials available)) errno 0 (Success) [15/Jun/2022:19:39:53 +0800] slapi_ldap_bind - Error: could not perform interactive bind for id [] authentication mechanism [GSSAPI]: error -2 (Local error) [15/Jun/2022:19:39:53 +0800] NSMMReplicationPlugin - agmt="cn=fs-hiido-kerberos-21-117-149.hiido.host.yydevops.com-to-fs-hiido-kerveros-test08.hiido.host.yydevops.com" (fs-hiido-kerveros-test08:389): Replication bind with GSSAPI auth failed: LDAP error -2 (Local error) (SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No Kerberos credentials available)) [15/Jun/2022:19:39:53 +0800] schema-compat-plugin - schema-compat-plugin tree scan will start in about 5 seconds! [15/Jun/2022:19:39:54 +0800] - slapd started. Listening on All Interfaces port 389 for LDAP requests [15/Jun/2022:19:39:54 +0800] - Listening on All Interfaces port 636 for LDAPS requests [15/Jun/2022:19:39:54 +0800] - Listening on /var/run/slapd-YYDEVOPS-COM.socket for LDAPI requests [15/Jun/2022:19:39:55 +0800] - slapd shutting down - signaling operation threads - op stack size 1 max work q size 1 max work q stack size 1 [15/Jun/2022:19:39:55 +0800] - slapd shutting down - waiting for 61 threads to terminate [15/Jun/2022:19:39:55 +0800] - slapd shutting down - closing down internal subsystems and plugins [15/Jun/2022:19:39:55 +0800] NSMMReplicationPlugin - CleanAllRUV Task (rid 53): Cleaning rid (53)... [15/Jun/2022:19:39:55 +0800] NSMMReplicationPlugin - CleanAllRUV Task (rid 53): Waiting to process all the updates from the deleted replica... [15/Jun/2022:19:39:55 +0800] NSMMReplicationPlugin - CleanAllRUV Task (rid 53): Waiting for all the replicas to be online... [15/Jun/2022:19:39:55 +0800] NSMMReplicationPlugin - CleanAllRUV Task (rid 53): Server shutting down. Process will resume at server startup [15/Jun/2022:19:39:55 +0800] - Waiting for 4 database threads to stop [15/Jun/2022:19:39:55 +0800] - All database threads now stopped [15/Jun/2022:19:39:56 +0800] - slapd shutting down - freed 1 work q stack objects - freed 1 op stack objects [15/Jun/2022:19:39:56 +0800] - slapd stopped. [15/Jun/2022:19:39:56 +0800] - slapi_search_internal_set_pb: NULL parameter [15/Jun/2022:19:39:56 +0800] - allow_operation: component identity is NULL _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
