Hello Rob,

The strange thing i have here is. The server2 has all of my servers listed
on the web interface but the server1 not have all of this servers.

When i run the command :

# ipa-replica-manage list -v server2.domain
server1.domain: replica
  last init status: None
  last init ended: 1970-01-01 00:00:00+00:00
  last update status: Error (0) Replica acquired successfully: Incremental
update succeeded
  last update ended: 2017-06-27 14:57:34+00:00


# ipa-replica-manage list -v server1.domain
server2.domain: replica
  last init status: None
  last init ended: 1970-01-01 00:00:00+00:00
  last update status: Error (0) Replica acquired successfully: Incremental
update succeeded
  last update ended: 2017-06-27 14:57:41+00:00


No problems with the sincronization.

My doubt is this. Why i have differences on the two web interfaces. Another
error i have in the structure is this :


# ssh app01
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
f5:21:f0:0c:b7:4b:cf:c4:f2:8f:9c:8a:75:d3:55:5c.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending RSA key in /var/lib/sss/pubconf/known_hosts:4
RSA host key for app01 has changed and you have requested strict checking.
Host key verification failed.

And this server is one of the servers listed on server2 and not on the
server1 .

Thanks for your help,



On Tue, Jun 27, 2017 at 11:47 AM Rob Crittenden <rcrit...@redhat.com> wrote:

> Ataliba Teixeira via FreeIPA-users wrote:
> > Hello,
> >
> > reading some docs about the sync of my two servers :
> >
> > # ipa-replica-manage list
> > server1.domain: master
> > server2.domain: master
> >
> >
> > # ipa-replica-manage list-ruv
> > Directory Manager password:
> >
> > Replica Update Vectors:
> >         server2.domain:389: 7
> >         server1.domain:389: 4
> > Certificate Server Replica Update Vectors:
> >         No CS-RUVs found.
> >
> >
> > My doubt is . To solve this i only need to run the command :
> >
> > ipa-replica-manage force-sync --from srv2.domain
>
> I'm not sure what problem you are trying to solve. The above doesn't
> show any issues.
>
> To see replication status you need to run ipa-replica-manage list twice
> like:
>
> ipa-replica-manage list -v server1.domain
> ipa-replica-manage list -v server2.domain
>
> This will show the agreement status from both sides.
>
> rob
>
-- 

Ataliba Teixeira via Inbox by Gmail
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to