IPA Server re-installation fails with error "ipaserver.install.bindinstance: ERROR Named service failed to start (Command '/bin/systemctl restart named-pkcs11.service' returned non-zero exit status 1)"

Issue

  • IPA Server re-installation fails with the following error:
Dec 10 14:40:40 ipa1.example.com named-pkcs11[34231]: LDAP error: Invalid credentials: bind to LDAP server failed
Dec 10 14:40:40 ipa1.example.com named-pkcs11[34231]: couldn't establish connection in LDAP connection pool: permission denied
Dec 10 14:40:40 ipa1.example.com named-pkcs11[34231]: dynamic database 'ipa' configuration failed: permission denied
Dec 10 14:40:40 ipa1.example.com named-pkcs11[34231]: loading configuration: permission denied
Dec 10 14:40:40 ipa1.example.com named-pkcs11[34231]: exiting (due to fatal error)
Dec 10 14:40:40 ipa1.example.com systemd[1]: named-pkcs11.service: control process exited, code=exited status=1
Dec 10 14:40:40 ipa1.example.com systemd[1]: Failed to start Berkeley Internet Name Domain (DNS) with native PKCS#11.
Dec 10 14:40:40 ipa1.example.com systemd[1]: Unit named-pkcs11.service entered failed state.
Dec 10 14:40:40 ipa1.example.com systemd[1]: named-pkcs11.service failed.

Environment

  • Red Hat Enterprise Linux 7
  • IPA (ipa-server-4.6.x)
