Yes, I know, not recommended etc, low performance. I'm not going
to run
the CA on it. I just want to have a backup LDAP/Kerberos server.
Right now I'm just trying to test things out. I've got a master and a
replica (so you could say two masters I suppose) running in Virtualbox
VMs, and I'm trying to set up a 3rd replica on a Pi. All are Fedors 27.
I had to downgrade httpd due to
https://pagure.io/freeipa/issue/7493 to
even set up the first VM replica, but this issue is separate.
Currently, the problem is it can't connect to it's own LDAP instance due
to some kind of error ... ipa-replica-install worked fine on the x86_64
VM but on the armv71 Pi 3B when it tries to connect to LDAPI instead of
usingĀ 'ldapi:///var/run//slapd-COMPANY-INTERNAL.socket' it
usesĀ 'ldapi://%2Fvar%2Frun%2Fslapd-COMPANY-INTERNAL.socket'.
So it seems there is yet another ARM (or non-x86_64) bug ... similar to
the problem with httpd and passing the KRB5CCNAME properly
https://pagure.io/freeipa/issue/7337
Any ideas on where to look to patch in a fix to this so it uses the
correct filename? The socket file is there ... and (at the time it
tries) LDAP is running.
What makes you think the ldapi URI is the problem?
Can you share the logs?
rob