hi
I'm trying to install a client that would very rarely
succeed, 9 out of 10 fails, I run these installations in series.
When it fails it does it this way:
..
Failed to obtain host TGT: Major (851968): Unspecified GSS
failure. Minor code may provide more information, Minor
(2529638936): Preauthentication failed
But when it succeed that replica installation would always
fail, always the same way, like:
..
[28/40]: adding sasl mappings to the directory
[29/40]: updating schema
ipa : CRITICAL Failed to load schema-update.ldif:
Command '/usr/bin/ldapmodify -v -f
/usr/share/ipa/schema-update.ldif -H
ldapi://%2Fvar%2Frun%2Fslapd-PRIVATE.socket -Y EXTERNAL'
returned non-zero exit status 50
[error] CalledProcessError: Command '/usr/bin/ldapmodify
-v -f /usr/share/ipa/schema-update.ldif -H
ldapi://%2Fvar%2Frun%2Fslapd-PRIVATE.socket -Y EXTERNAL'
returned non-zero exit status 50
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
..
in log:
..
2018-04-07T15:34:24Z DEBUG stderr=ldap_initialize(
ldapi://%2Fvar%2Frun%2Fslapd-PRIVATE.socket/??base )
SASL/EXTERNAL authentication started
SASL username:
gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldap_modify: Insufficient access (50)
additional info: Insufficient 'write' privilege to the
'objectClasses' attribute of entry 'cn=schema'.
2018-04-07T15:34:24Z CRITICAL Failed to load
schema-update.ldif: Command '/usr/bin/ldapmodify -v -f
/usr/share/ipa/schema-update.ldif -H
ldapi://%2Fvar%2Frun%2Fslapd-PRIVATE.socket -Y EXTERNAL'
returned non-zero exit status 50
2018-04-07T15:34:24Z DEBUG Traceback (most recent call last):
File
"/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
line 504, in start_creation
run_step(full_msg, method)
File
"/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
line 494, in run_step
method()
File
"/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py",
line 490, in __update_schema
self._ldap_mod("schema-update.ldif")
File
"/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
line 308, in _ldap_mod
ipautil.run(args, nolog=nologlist)
File
"/usr/lib/python2.7/site-packages/ipapython/ipautil.py",
line 512, in run
raise CalledProcessError(p.returncode, arg_string,
str(output))
CalledProcessError: Command '/usr/bin/ldapmodify -v -f
/usr/share/ipa/schema-update.ldif -H
ldapi://%2Fvar%2Frun%2Fslapd-PRIVATE.socket -Y EXTERNAL'
returned non-zero exit status 50
2018-04-07T15:34:24Z DEBUG [error] CalledProcessError:
Command '/usr/bin/ldapmodify -v -f
/usr/share/ipa/schema-update.ldif -H
ldapi://%2Fvar%2Frun%2Fslapd-PRIVATE.socket -Y EXTERNAL'
returned non-zero exit status 50
...
How I exec commands:
$ ipa-client-install --principal=admin
--password=pass#diradm --force-join -U &&
ipa-replica-install --setup-dns --no-forwarders
--admin-password=pass#diradm -U
How is possible to troubleshoot this?
many thanks