Hi, On Wed, Oct 30, 2024 at 11:17 PM Orion Poplawski via FreeIPA-users < [email protected]> wrote:
> We have some issues with installing new replicas, apparently triggered by > incomplete replication between the existing servers. > > I'm trying to cleanup the orphaned replica agreements: > > dn: cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com > ,cn=replica,cn=dc\3Dnw > ra\2Cdc\3Dcom,cn=mapping tree,cn=config > nsDS5ReplicaLastUpdateStatus: Error (-1) Problem connecting to replica - > LDAP > error: Can't contact LDAP server (connection error) > > dn: cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com > ,cn=replica,cn=o\3Dipa > ca,cn=mapping tree,cn=config > nsDS5ReplicaLastUpdateStatus: Error (-1) Problem connecting to replica - > LDAP > error: Can't contact LDAP server (connection error) > > > But that appears to be hanging: > > # ldapmodify -h ipa-seattle01.nwra.com -D "cn=directory manager" -W <<EOF > > dn: > cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com > ,cn=replica,cn=o\3Dipaca,cn=mapping > tree,cn=config > > changetype: delete > > > > dn: > cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com > ,cn=replica,cn=dc\3Dnwra\2Cdc\3Dcom,cn=mapping > tree,cn=config > > changetype: delete > > EOF > Enter LDAP Password: > deleting entry > "cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com > ,cn=replica,cn=o\3Dipaca,cn=mapping > tree,cn=config" > > > Any idea what would cause this? > I think you need to have an empty line just before the EOF. flo > access on ipa-seattle01: > > [30/Oct/2024:14:59:53.669549056 -0700] conn=351148 fd=248 slot=248 > connection > from 10.10.41.3 to 10.30.10.11 > [30/Oct/2024:14:59:53.670365938 -0700] conn=351148 op=0 BIND > dn="cn=directory > manager" method=128 version=3 > [30/Oct/2024:14:59:53.670564728 -0700] conn=351148 op=0 RESULT err=0 tag=97 > nentries=0 wtime=0.000495680 optime=0.000235976 etime=0.000728682 > dn="cn=directory manager" > [30/Oct/2024:14:59:53.701779783 -0700] conn=351148 op=1 DEL > dn="cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com > ,cn=replica,cn=o\3Dipaca,cn=mapping > tree,cn=config" > > errors: > > [30/Oct/2024:14:58:48.666432741 -0700] - WARN - NSMMReplicationPlugin - > prot_stop - Incremental protocol for replica > "agmt="cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com" > (ipa-bld01:389)" > did not shut down properly. > [30/Oct/2024:15:01:53.781236011 -0700] - WARN - NSMMReplicationPlugin - > prot_stop - Incremental protocol for replica > "agmt="cn=ipa-seattle01.nwra.com-to-ipa-bld01.cora.nwra.com" > (ipa-bld01:389)" > did not shut down properly. > > > -- > Orion Poplawski > he/him/his - surely the least important thing about me > Manager of IT Systems 720-772-5637 > NWRA, Boulder Office FAX: 303-415-9702 > 3380 Mitchell Lane [email protected] > Boulder, CO 80301 https://www.nwra.com/ > > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
