Hi,

I deleted more than 50 users from AD and expected IPA to do the same.
However the EXAMPLE-COM 389-ds instance just crashed and I can't start it anymore.


Could you please help with this issue?

The error logging is set to REPL|PLUGIN.
I can see the following in error log:

tail /var/log/dirsrv/slapd-EXAMPLE-COM/errors

[23/Jun/2011:14:55:51 +0100] NSMMReplicationPlugin - agmt="cn=meTodc1.win.example.com" (dc1:389): map_entry_dn_outbound: looking for AD entry for DS dn="uid=mtf,cn=users,cn=accounts,dc=example,dc=com" guid="cc62cd9765c139458d9a21fdddf50eae"
[23/Jun/2011:14:55:51 +0100] - Calling windows entry search request plugin
[23/Jun/2011:14:55:51 +0100] ipa-winsync - --> ipa_winsync_pre_ad_search_cb -- begin [23/Jun/2011:14:55:51 +0100] ipa-winsync - <-- ipa_winsync_pre_ad_search_cb -- end [23/Jun/2011:14:55:51 +0100] NSMMReplicationPlugin - Could not retrieve entry from Windows using search base [<GUID=cc62cd9765c139458d9a21fdddf50eae>] scope [0] filter [(objectclass=*)]: error 32:No such object [23/Jun/2011:14:55:51 +0100] NSMMReplicationPlugin - agmt="cn=meTodc1.win.example.com" (dc1:389): map_entry_dn_outbound: return code -1 from search for AD entry dn="<GUID=cc62cd9765c139458d9a21fdddf50eae>" or dn="(null)" [23/Jun/2011:14:55:51 +0100] NSMMReplicationPlugin - agmt="cn=meTodc1.win.example.com" (dc1:389): map_entry_dn_outbound: entry not found - rc -1 [23/Jun/2011:14:55:51 +0100] NSMMReplicationPlugin - agmt="cn=meTodc1.win.example.com" (dc1:389): windows_replay_update: Processing modify operation local dn="uid=mtf,cn=users,cn=accounts,dc=example,dc=com" remote dn="<GUID=cc62cd9765c139458d9a21fdddf50eae>" [23/Jun/2011:14:55:51 +0100] ipa-winsync - --> ipa_winsync_pre_ad_mod_user_mods_cb -- begin [23/Jun/2011:14:55:51 +0100] ipa-winsync - <-- ipa_check_account_lock - entry [uid=mtf,cn=users,cn=accounts,dc=example,dc=com] has real attribute nsAccountLock and entry is locked

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to