On Tue, Aug 6, 2019 at 3:55 PM Auerbach, Steven <steven.auerb...@flbog.edu> wrote: > > Pure genius. FQDN on ipa commands..... Unless I read the documentation > cover-to-cover before starting anything I would never have found this. > Thanks.
Our (collective) pleasure to help. Thanks for thanking us :) François > -Steven Auerbach > > -----Original Message----- > From: François Cami <fc...@redhat.com> > Sent: Tuesday, August 6, 2019 9:28 AM > To: FreeIPA users list <freeipa-users@lists.fedorahosted.org> > Cc: Rob Crittenden <rcrit...@redhat.com>; Auerbach, Steven > <steven.auerb...@flbog.edu> > Subject: Re: [Freeipa-users] Re: Replacing IPA v3.0.0-51 on OEL6 with IPA > v4.6.4-10 on OEL7: Making the newest replica the master > > On Tue, Aug 6, 2019 at 2:59 PM Auerbach, Steven via FreeIPA-users > <freeipa-users@lists.fedorahosted.org> wrote: > > > > When I add the --no-lookup option on the v4.6.4 ipa server I get the same > > results I received on the v3.0.0 server: > > " Cannot find ipa<#> in public server list" > > Are you using the FQDN of your IPA servers? > The ipa-replica-manage command will not find IPA servers by their shortnames > (and that's expected). > > > > If I cannot even verify these servers in the group, how am I supposed to > > test the integrity of current inter-version replication? And how will I > > ever migrate the whole directory and all the inter-related services of IPA > > to two new servers of version 4.6.4? The functions do not appear to work > > as documented, and my trust that the command operations will behave as > > documented is really shaken. > > > > Is my best option to build a new IPA server pair in version 4.6.4 and > > de-enroll all the clients and users from the older v3.0.0 IPA and then > > enroll them into the v4.6.4 IPA? > > > > -----Original Message----- > > From: Rob Crittenden <rcrit...@redhat.com> > > Sent: Monday, August 5, 2019 5:16 PM > > To: FreeIPA users list <freeipa-users@lists.fedorahosted.org> > > Cc: Auerbach, Steven <steven.auerb...@flbog.edu> > > Subject: Re: [Freeipa-users] Re: Replacing IPA v3.0.0-51 on OEL6 with > > IPA v4.6.4-10 on OEL7: Making the newest replica the master > > > > Auerbach, Steven via FreeIPA-users wrote: > > > From the master-master original IPA v3.0.0 server - <ipa1> - I ran and > > > received the following responses: > > > NOTE: using aliases within arrow points for ambiguation. > > > > > > [<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa1>' > > > [sudo] password for <user>: > > > Cannot find <ipa1> in public server list > > > > > > [<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa2>' > > > Directory Manager password: > > > > > > Cannot find <ipa2> in public server list > > > > > > [<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa3>' > > > Directory Manager password: > > > > > > Cannot find <ipa3> in public server list > > > > It is looking for the list of masters in > > cn=masters,cn=ipa,cn=etc,dc=example,dc=com. I'd search that to see what is > > there. > > > > A plain ipa-replica-manage list will list all masters and IIRC they do show. > > > > > From the replica-master server recently made with IPA v4.6.5 - <ipa3> - > > > I ran and received the following responses: > > > NOTE: using aliases within arrow points for ambiguation. > > > > > > [<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa1>' > > > [sudo] password for <user>: > > > Unknown host <ipa1>: Host '<ipa1>' does not have corresponding DNS > > > A/AAAA record > > > > > > [<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa2>' > > > Directory Manager password: > > > > > > Unknown host ipa-r02: Host 'ipa-r02' does not have corresponding DNS > > > A/AAAA record > > > > > > [<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa3>' > > > Directory Manager password: > > > > > > Unknown host ipa03: Host 'ipa03' does not have corresponding DNS > > > A/AAAA record > > > > Try adding --no-lookup to the command to skip the lookup. > > > > rob > > > > > > > > > > > > > > Steven Auerbach > > > Assistant Director of Information Systems Information Technology & > > > Security State University System of Florida Board of Governors > > > 325 W. Gaines Street, Suite 1625 > > > Tallahassee, Florida 32399 > > > (850) 245-9592 > > > steven.auerb...@flbog.edu > > > _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org