Hi German,
On Thu, 14 Feb 2019, German Parente via FreeIPA-users wrote:
excellent ! We are almost there. Thanks to you for the hard work.
We should not have two segments with connectivity "both" for CA as you
have already mentionned.
We should fix this just with the command line. If you delete the segment
using:
ipa topologysegment-del ca <one of the segments>
this should work fine. If not, with my procedure it should work as well.
Are you sure you are restarting the services after disabling the plugin?
topologysegment-del didn't work ("server unwilling to perform"), but after
temporarily disabling nsslapd-plugin on both masters and ldapdeleting the
segment, i'm fine now, i guess:
---
$ ipa topologysegment-find domain
-----------------
1 segment matched
-----------------
Segment name: ipa2.example.com-to-ipa1.example.com
Left node: ipa2.example.com
Right node: ipa1.example.com
Connectivity: both
----------------------------
Number of entries returned 1
----------------------------
$ ipa topologysegment-find ca
-----------------
1 segment matched
-----------------
Segment name: ipa2.example.com-to-ipa1.example.com
Left node: ipa2.example.com
Right node: ipa1.example.com
Connectivity: both
----------------------------
Number of entries returned 1
----------------------------
$ ipa-replica-manage -v list ipa1.example.com
ipa2.example.com: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental
update succeeded
last update ended: 2019-02-15 16:00:00+00:00
$ ipa-replica-manage -v list ipa2.example.com
ipa1.example.com: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental
update succeeded
last update ended: 2019-02-15 16:00:38+00:00
$ ipa-csreplica-manage -v list ipa1.example.com
ipa2.example.com
last init status: Error (0) Total update succeeded
last init ended: 2019-02-15 15:17:24+00:00
last update status: Error (0) Replica acquired successfully: Incremental
update succeeded
last update ended: 2019-02-15 16:00:00+00:00
$ ipa-csreplica-manage -v list ipa2.example.com
ipa1.example.com
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental
update succeeded
last update ended: 2019-02-15 16:00:00+00:00
$ ipa topologysuffix-verify domain
====================================================
Replication topology of suffix "domain" is in order.
====================================================
$ ipa topologysuffix-verify ca
================================================
Replication topology of suffix "ca" is in order.
================================================
---
Thanks again for your hints.
[...]
Mit freundlichen Gruessen/With best regards,
--Daniel.
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
