john.bowman--- via FreeIPA-users wrote:
After a crash of one of  our IPA servers this morning I noticed that two of the 
6 IPA servers we use have an old replica listed.  It was part of a previous 
failed install attempt.  Normally in this situation I would use the clean-ruv 
but the replica doesn't appear in the list-ruv output.  Is there another way to 
clean this bad entry?

# ipa-replica-manage list
Directory Manager password:

ipa1.domain.tld: master
ipa2.domain.tld: master     <---  No longer exists.
ipa3.domain.tld: master
ipa4.domain.tld: master
ipa5.domain.tld: master
ipa6.domain.tld: master
ipa7.domain.tld: master

# ipa-replica-manage list-ruv
Directory Manager password:

ipa3.domain.tld:389: 8
ipa4.domain.tld:389: 9
ipa1.domain.tld:389: 3
ipa5.domain.tld:389: 12
ipa6.domain.tld:389: 19
ipa7.domain.tld:389: 21

The list just pulls the set of masters out of cn=masters, ..., $SUFFIX and displays them. It could be just a leftover that needs cleanup.

Probably safest to check on every master to ensure there isn't some lingering replication agreement for ipa2.

Once you're sure it really is just a leftover you can remove it with:

# ipa-replica-manage del ipa2.domain.tld --force --cleanup

FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to