It does work without --force-join, but I still keep having this:
Hostname (freeipa02.francis.local) does not have A/AAAA record.
Failed to update DNS records.
Missing A/AAAA record(s) for host freeipa02.francis.local: 10.120.41.21.
Missing reverse record(s) for address(es): 10.120.41.21.
And when starting replication:
Lookup failed: Preferred host freeipa02.francis.local does not provide
DNS.
Could not resolve hostname freeipa02.francis.local using DNS. Clients
may not function properly. Please check your DNS setup. (Note that this
check queries IPA DNS directly and ignores /etc/hosts.)
Joining is not creating the DNS entries. I got this error even when
adding DNS records beforehand.
Best,
Francis
On 2023-01-06 14:14, Rafael Jeffman via FreeIPA-users wrote:
On Fri, Jan 6, 2023 at 9:40 AM Francis Augusto Medeiros-Logeay via
FreeIPA-users <freeipa-users(a)lists.fedorahosted.org> wrote:
>
> Hi,
>
> I am trying to create a replica, but somehow I keep getting this
> error:
>
> [26/39]: setting up initial replication
> Starting replication, please wait until this has completed.
> Update in progress, 14 seconds elapsed
> [ldap://free02.ipa.local:389] reports: Update failed! Status: [Error
> (-1) - LDAP error: Can't contact LDAP server - no response received]
>
>
> I am joining it this way:
>
> sudo ipa-replica-install -w mypass -n ipa.local --server
> free02.ipa.local --hostname freeipa02.francis.local --ntp-pool
> ntp.uio.no [1] --force-join --setup-dns --auto-forwarders
> --skip-conncheck
>
> What can I do to investigate it?
>
> I see that the 389 port is reachable from the server on which I want
> to install a replica.
>
> Any tips would be welcome!
>
I'd start with /var/log/ipareplica-install.log on the replica node.
I would also not use --force-join and --skip-conncheck, unless I really
need to, as they might mask other issues.
Rafael
Links:
------
[1]
http://ntp.uio.no
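
Added example, not part of the original messages or of FreeIPA's own code: since the installer's check queries IPA DNS directly and ignores /etc/hosts, this sketch parses the "Missing ... record(s)" lines quoted above and builds the matching dig queries against that server. It assumes free02.ipa.local (the --server value in the thread) is the host serving IPA DNS; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the installer messages quoted in the thread above.
SAMPLE_OUTPUT = """\
Hostname (freeipa02.francis.local) does not have A/AAAA record.
Failed to update DNS records.
Missing A/AAAA record(s) for host freeipa02.francis.local: 10.120.41.21.
Missing reverse record(s) for address(es): 10.120.41.21.
"""

FORWARD_RE = re.compile(r"Missing A/AAAA record\(s\) for host (\S+): (.+?)\.$")
REVERSE_RE = re.compile(r"Missing reverse record\(s\) for address\(es\): (.+?)\.$")


def _addresses(text):
    """Split a comma-separated address list and validate each entry."""
    return [ipaddress.ip_address(a.strip()) for a in text.split(",")]


def missing_records(output):
    """Return (forward, reverse): [(fqdn, rrtype, ip)], [(ptr_name, ip)]."""
    forward, reverse = [], []
    for line in output.splitlines():
        line = line.strip()
        if m := FORWARD_RE.match(line):
            for ip in _addresses(m.group(2)):
                rrtype = "A" if ip.version == 4 else "AAAA"
                forward.append((m.group(1), rrtype, str(ip)))
        elif m := REVERSE_RE.match(line):
            for ip in _addresses(m.group(1)):
                # reverse_pointer gives the in-addr.arpa / ip6.arpa owner name
                reverse.append((ip.reverse_pointer + ".", str(ip)))
    return forward, reverse


def dig_checks(output, dns_server):
    """Build dig commands that ask dns_server directly, bypassing /etc/hosts."""
    forward, reverse = missing_records(output)
    cmds = [f"dig +short @{dns_server} {name} {rr}" for name, rr, _ in forward]
    cmds += [f"dig +short @{dns_server} -x {ip}" for _, ip in reverse]
    return cmds


if __name__ == "__main__":
    # Assumption: the --server host from the thread also runs IPA DNS.
    for cmd in dig_checks(SAMPLE_OUTPUT, "free02.ipa.local"):
        print(cmd)
```

An empty answer from either query means the IPA DNS server itself has no such record, whatever /etc/hosts on the replica says.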