Help

Open directory master creation fails

schwende
New Contributor

Posted on ‎03-10-2014 10:50 AM

So, ran into issues with workgroup manager, yes I know, Profile manager is the new way. Anyways, server 10.9.2 3.0.3 version. Trying to create open directory master and it says that it created but had errors. When that happens, the OD is not available and I have to go through it again. Logs give me a ton of stuff I can't really read.

2014-03-10 17:41:19 +0000 Success. Master creation is possible.
2014-03-10 17:41:20 +0000 Success. Master creation is possible.
2014-03-10 17:41:21 +0000 slapconfig -createldapmasterandadmin
2014-03-10 17:41:21 +0000 command: /usr/bin/sntp -s time.apple.com.
2014-03-10 17:41:21 +0000 Success. Master creation is possible.
2014-03-10 17:41:21 +0000 Starting LDAP server (slapd)
2014-03-10 17:41:23 +0000 slapd started
2014-03-10 17:41:23 +0000 command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2014-03-10 17:41:35 +0000 command: /usr/sbin/slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
2014-03-10 17:41:35 +0000 Stopping LDAP server (slapd)
2014-03-10 17:41:41 +0000 Starting LDAP server (slapd)
2014-03-10 17:41:42 +0000 slapd started
2014-03-10 17:41:42 +0000 Save of LDAP configuration failed with error 10000
2014-03-10 17:41:42 +0000 command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2014-03-10 17:41:42 +0000 adding new entry "olcOverlay=unique,olcDatabase={1}bdb,cn=config"

adding new entry "olcOverlay=dynid,olcDatabase={1}bdb,cn=config"

adding new entry "olcOverlay=dynid,olcDatabase={1}bdb,cn=config"

adding new entry "olcOverlay=nestedgroup,olcDatabase={1}bdb,cn=config"

adding new entry "olcOverlay={0}odusers,olcDatabase={-1}frontend,cn=config"

adding new entry "olcOverlay=syncprov,olcDatabase={1}bdb,cn=config"

adding new entry "olcOverlay=syncprov,olcDatabase={2}bdb,cn=config"
2014-03-10 17:41:42 +0000 command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2014-03-10 17:41:42 +0000 adding new entry "cn={9}customSchema,cn=schema,cn=config"
2014-03-10 17:41:42 +0000 command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2014-03-10 17:41:42 +0000 command: /usr/bin/ldapsearch -x -LLL -H ldapi://%2Fvar%2Frun%2Fldapi -b cn=config -s base olcServerID
2014-03-10 17:41:42 +0000 command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2014-03-10 17:41:42 +0000 Configuring Kerberos server, realm is FQDN
2014-03-10 17:41:42 +0000 command: /usr/sbin/kdcsetup -a diradmin -v 1 FQDN
2014-03-10 17:41:46 +0000 Opening ldapi connection to the LDAP user data Opening ldapi connection to the LDAP auth data Creating KDC for OD Master Creating Kerberos directory Creating KDC Config File Creating Kerberos ACL file Adding KDC config data to the KerberosKDC config record Adding KDC config data to the KerberosClient config record Creating KDC database Creating new random master key Successfully created KDC for OD Master
2014-03-10 17:41:46 +0000 Updating user records and principals
2014-03-10 17:41:46 +0000 No ldap principal found in keytab, skipping rootDSE population
2014-03-10 17:41:46 +0000 command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2014-03-10 17:41:46 +0000 Stopping LDAP server (slapd)
2014-03-10 17:41:48 +0000 Starting LDAP server (slapd)
2014-03-10 17:41:48 +0000 slapd started
2014-03-10 17:41:49 +0000 Creating admin user
2014-03-10 17:41:52 +0000 Creating certificate authorities & hostname certificate
2014-03-10 17:41:53 +0000 Creating root CA with FQDN Open Directory Certification Authority
2014-03-10 17:41:53 +0000 ***Error creating domain CA. Error - The specified item already exists in the keychain.
2014-03-10 17:41:53 +0000 Root CA creation failed with error - -25299
2014-03-10 17:41:53 +0000 Destroying OD master as CA creation failed with error 75
2014-03-10 17:41:53 +0000 Logging slapd container data to /var/run/slapconfig_error_1394473313
2014-03-10 17:41:53 +0000 Stopping LDAP server (slapd)
2014-03-10 17:41:57 +0000 command: /usr/sbin/slapcat -l /var/run/slapconfig_error_1394473313/user.ldif
2014-03-10 17:41:57 +0000 command: /usr/sbin/slapcat -b cn=authdata -l /var/run/slapconfig_error_1394473313/authdata.ldif
2014-03-10 17:41:57 +0000 CopyReplicaArray: ldap_search_ext_s failed
2014-03-10 17:41:57 +0000 Error retrieving replica array
2014-03-10 17:41:57 +0000 Deleting Cert Authority related data
2014-03-10 17:41:57 +0000 No intCAIdentity, not removing int CA from keychain
2014-03-10 17:41:57 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd.plist
2014-03-10 17:41:57 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd-helper.plist
2014-03-10 17:41:57 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertadmin.plist
2014-03-10 17:41:57 +0000 void _destroyLDAPServer(const char *): Failed to find computer record named megatron.cord.edu$: 10000 Operation is not supported by the directory node.
2014-03-10 17:41:57 +0000 Updating ldapreplicas on primary master
2014-03-10 17:41:57 +0000 CopyLdapReplicas: Unable to create DSLDAPContainer: 77014 Can't contact LDAP server (-1)
2014-03-10 17:41:57 +0000 CopyPrimaryMaster: CopyLdapReplicas failed
2014-03-10 17:41:57 +0000 Unable to locate primary master
2014-03-10 17:41:57 +0000 Primary master node is nil!
2014-03-10 17:41:57 +0000 Unable to locate ldapreplicas record: 0 (null)
2014-03-10 17:41:57 +0000 Error setting read ldap replicas array: 0 (null)
2014-03-10 17:41:57 +0000 Error setting write ldap replicas array: 0 (null)
2014-03-10 17:41:57 +0000 ODRecord *_getODRecord(ODNode *, NSString *, NSString *, NSArray *): ODNodeRef parameter error
2014-03-10 17:41:57 +0000 int _removeReplicaFromConfigRecord(ODNode *, NSString *): ODRecord not found
2014-03-10 17:41:57 +0000 Error synchronizing ldapreplicas: 0 (null)
2014-03-10 17:41:57 +0000 Removing self from the database
2014-03-10 17:41:57 +0000 Warning: An error occurred while re-enabling GSSAPI.
2014-03-10 17:41:57 +0000 Stopping LDAP server (slapd)
2014-03-10 17:41:57 +0000 Stopping password server
2014-03-10 17:41:57 +0000 Removed all service principals from keytab for realm FQDN
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/__db.001.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/__db.002.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/__db.003.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/__db.004.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/__db.005.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/__db.006.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/altSecurityIdentities.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/apple-config-realname.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/apple-generateduid.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/apple-group-memberguid.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/apple-group-realname.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/cn.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/DB_CONFIG.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/dn2id.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/entryCSN.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/entryUUID.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/gidNumber.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/id2entry.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/ipHostNumber.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/log.0000000001.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/macAddress.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/memberUid.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/objectClass.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/ou.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/sn.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/uid.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/openldap-data/uidNumber.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/__db.001.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/__db.002.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/__db.003.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/__db.004.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/__db.005.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/__db.006.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/alock.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/authGUID.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/DB_CONFIG.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/dn2id.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/draft-krbPrincipalName.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/entryCSN.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/entryUUID.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/id2entry.bdb.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/log.0000000001.
2014-03-10 17:41:57 +0000 Removed file at path /var/db/openldap/authdata/objectClass.bdb.
2014-03-10 17:41:57 +0000 Removed directory at path /var/db/openldap/authdata.
2014-03-10 17:41:57 +0000 Removed file at path /etc/openldap/slapd_macosxserver.conf.
2014-03-10 17:41:57 +0000 Removed file at path /etc/openldap/slapd.conf.
2014-03-10 17:41:57 +0000 Removed file at path /etc/openldap/rootDSE.ldif.
2014-03-10 17:41:57 +0000 Removed directory at path /etc/openldap/slapd.d/cn=config.
2014-03-10 17:41:57 +0000 Removed file at path /etc/openldap/slapd.d/cn=config.ldif.
2014-03-10 17:41:57 +0000 Removed directory at path /etc/openldap/slapd.d.
2014-03-10 17:41:57 +0000 Removed directory at path /etc/openldap/slapd.d.backup/cn=config.
2014-03-10 17:41:57 +0000 Removed file at path /etc/openldap/slapd.d.backup/cn=config.ldif.
2014-03-10 17:41:57 +0000 Removed directory at path /etc/openldap/slapd.d.backup.
2014-03-10 17:41:57 +0000 Stopping password server
2014-03-10 17:41:57 +0000 Removed file at path /Library/Preferences/com.apple.openldap.plist.
2014-03-10 17:41:57 +0000 Removed file at path /var/run/slapconfig.lock.

Does this tell anyone what is going on?

The Open Directory log gives me: CDT - Module: AppleODClientLDAP - AppleODClientLDAP: notification fired: slapd shutdown for /LDAPv3/ldapi://%2Fvar%2Frun%Fldapi

0 Kudos
Reply
2 REPLIES 2

bughollow
New Contributor III

Posted on ‎07-13-2014 08:56 PM

Were you able to resolve this? I have the same error, consistently. My DNS is working. I have backed up and restore and even tired creating a master on a freshly installed OS on another box. Same issue? Help!!

0 Kudos
Reply

geoffreykobrien
Contributor

Posted on ‎07-14-2014 08:12 AM

2014-03-10 17:41:53 +0000 Creating root CA with FQDN Open Directory Certification Authority
2014-03-10 17:41:53 +0000 ***Error creating domain CA. Error - The specified item already exists in the keychain.

Delete this keychain file

I would also make the host entries in your /etc/hosts file to ensure the DNS is functioning.

0 Kudos
Reply