On 03/21/2011 02:31 PM, Simo Sorce wrote:
On Sun, 20 Mar 2011 18:28:12 +0100
Sigbjorn Lie<[email protected]> wrote:
Hi,
I just did a fresh installation of FreeIPA 2 on a host called ipa1,
created a replica on a second server called ipa2. I then created a
winsync replica to an AD domain on the ipa1 host.
I noticed that I forgot the --win-subtree option and decided to
delete the replication agreement:
# ipa-replica-manage -H ipa1.ix.nowhere.com del dc01.ad.nowhere.com
Directory Manager password:
Unable to delete replica dc01.ad.nowhere.com: {'desc': "Can't contact
LDAP server"}
This is not the correct command to use.
If I did a force a got a bit more output, where it complains about
the ipa2 replica server not having a sync agreement with the dc01
server.
# ipa-replica-manage -v -f -H ipa1.ix.nowhere.com del
dc01.ad.nowhere.com Directory Manager password:
Unable to connect to replica dc01.ad.nowhere.com, forcing removal
Forcing removal on 'dc01.ad.nowhere.com'
'ipa2.ix.nowhere.com' has no replication agreement for
'dc01.ad.nowhere.com'
Is this intended behavior or a bug?
Intended, to remove the AD replication link you need to 'disconnect'
the AD server.
Use:
ipa-replica-manage disconnect dc01.ad.nowhere.com
Ah, thank you. :)
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
