IDM/IPA replication failure: Unable to acquire replica: permission denied. The bind dn does not have permission to supply replication updates to the replica.

Solution Verified - Updated -

Issue

Replication fails with the following message:

[21/Mar/2017:03:04:12.309769622 +0300] NSMMReplicationPlugin - agmt="cn=host1-to-host2" (host2:389): Unable to acquire replica: permission denied. The bind dn "" does not have permission to supply replication updates to the replica. Will retry later.

We can see in the consumer:

[21/Mar/2017:03:01:36.829610687 +0300] NSMMReplicationPlugin - conn=4058855 op=5 replica="o=<suffix>": Unable to acquire replica: error: permission denied

  • When we see this, replication is unable to go on between those two nodes.

  • Usually this happens after update to 7.3 version.

Environment

Red Hat Identity Management (IPA) 4.3, 4.4
Red Hat Enterprise Linux (RHEL) 7.2 and 7.3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content