I think I detected the problem. The error log in the replica writes:[11/Jun/2017:13:36:06.360241021 -0400] SASL encrypted packet length exceeds maximum allowed limit (length=2483849, limit=2097152). Change the nsslapd-maxsasliosize attribute in cn=config to increase limit.[11/Jun/2017:13:36:06.361177815 -0400] ERROR bulk import abandoned"When an incoming SASL IO packet is larger than the nsslapd-maxsasliosize limit, the server immediately disconnects the client and logs a message to the error log, so that an administrator can adjust the setting if necessary"The problem now is how can I change the value of the attribute during replication.Regards.On Sun, Jun 11, 2017 at 2:20 AM, Adrian HY <ayeja153@gmail.com> wrote:Hi folks, I had a problem with replication and I tried to add the slave back to the replica. The process stops in the initial replication phase.The firewall and selinux are down and both servers are synchronized with the time.Centos 7.3Freeipa 4.4.0-14Master error log:11/Jun/2017:01:11:45.690402715 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): Replication bind with GSSAPI auth failed: LDAP error 49 (Invalid credentials) ()[11/Jun/2017:01:11:45.690877649 -0400] NSMMReplicationPlugin - Warning: unable to acquire replica for total update, error: 49, retrying in 1 seconds.[11/Jun/2017:01:11:46.966060891 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): Replication bind with GSSAPI auth resumed[11/Jun/2017:01:11:47.095800971 -0400] NSMMReplicationPlugin - Beginning total update of replica "agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389)".[11/Jun/2017:01:12:06.873713837 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): Failed to send extended operation: LDAP error -1 (Can't contact LDAP server)[11/Jun/2017:01:12:06.874590112 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): Received error -1 (Can't contact LDAP server): for total update operation[11/Jun/2017:01:12:06.874950648 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): Warning: unable to send endReplication extended operation (Can't contact LDAP server)[11/Jun/2017:01:12:06.875217640 -0400] NSMMReplicationPlugin - Total update failed for replica "agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389)", error (-11)[11/Jun/2017:01:12:06.894882383 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): Replication bind with GSSAPI auth resumed[11/Jun/2017:01:12:06.905304992 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): The remote replica has a different database generation ID thanthe local database. You may have to reinitialize the remote replica, or the local replica.[11/Jun/2017:01:12:09.912282245 -0400] NSMMReplicationPlugin - agmt="cn=meTousuarios-replica.ipa.server.com" (usuarios-replica:389): The remote replica has a different database generation ID thanthe local database. You may have to reinitialize the remote replica, or the local replica.Client ipareplica-install.log:2017-06-11T05:24:24Z DEBUG stderr=2017-06-11T05:24:24Z DEBUG wait_for_open_ports: localhost [389] timeout 3002017-06-11T05:24:24Z DEBUG Fetching nsDS5ReplicaId from master [attempt 1/5]2017-06-11T05:24:24Z DEBUG flushing ldap://usuarios.ipa.server.com:389 from SchemaCache2017-06-11T05:24:24Z DEBUG retrieving schema for SchemaCache url=ldap://usuarios.ipa.server.com:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x86909e0>2017-06-11T05:24:24Z DEBUG Successfully updated nsDS5ReplicaId.2017-06-11T05:24:24Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-IPA.SERVER.COM.socket from SchemaCache2017-06-11T05:24:24Z DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-IPA.SERVER.COM.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x9e74440>2017-06-11T05:24:46Z DEBUG Traceback (most recent call last):File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 449, in start_creationrun_step(full_msg, method)File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 439, in run_stepmethod()File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 416, in __setup_replicarepl.setup_promote_replication(self.master_fqdn)File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1643, in setup_promote_replicationraise RuntimeError("Failed to start replication")RuntimeError: Failed to start replication2017-06-11T05:24:46Z DEBUG [error] RuntimeError: Failed to start replication2017-06-11T05:24:46Z DEBUG Destroyed connection context.ldap2_1011929762017-06-11T05:24:46Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in executereturn_value = self.run()File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in runcfgr.run()File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 310, in runself.execute()File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 332, in executefor nothing in self._executor():File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runnerself._handle_exception(exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exceptionsix.reraise(*exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runnerstep()File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda>step = lambda: next(self.__gen)File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_fromsix.reraise(*exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_fromvalue = gen.send(prev_value)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 586, in _configurenext(executor)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runnerself._handle_exception(exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 449, in _handle_exceptionself.__parent._handle_exception(exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exceptionsix.reraise(*exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 446, in _handle_exceptionsuper(ComponentBase, self)._handle_exception(exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exceptionsix.reraise(*exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runnerstep()File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda>step = lambda: next(self.__gen)File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_fromsix.reraise(*exc_info)File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_fromvalue = gen.send(prev_value)File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _installfor nothing in self._installer(self.parent):File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1722, in mainpromote(self)File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 372, in decoratedfunc(installer)File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 1423, in promotepromote=True, pkcs12_info=dirsrv_pkcs12_info)File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 135, in install_replica_dsapi=remote_api,File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 401, in create_replicaself.start_creation(runtime=60)File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 449, in start_creationrun_step(full_msg, method)File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 439, in run_stepmethod()File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 416, in __setup_replicarepl.setup_promote_replication(self.master_fqdn)File "/usr/lib/python2.7/site-packages/ipaserver/install/replication.py", line 1643, in setup_promote_replicationraise RuntimeError("Failed to start replication")