I have an idea for a new feature. I've been having a lot of problems
with replication recently and I think the following would be useful.
Can we show the replication status of the masters/replicas? And also
show whether they contain a CA?
ipa-replica-manage -v list
server1.example.com: master,CA [Up-to-date]
server2.example.com: master,CA [Not replicating!]
server3.example.com: master [Up-to-date]
Some of the recent updates to IPA have caused replication problems for
me. The first that I know about it is when I start getting weird
problems like inconsistent results from user lookups, etc. Or when
users start complaining. This would be a useful way to get the overall
status of my IPA servers.
I would also like a related feature which would check the servers
remotely to ensure that the required services are running. i.e. Test
that I can get a kerberos ticket, perform an LDAP lookup, the CA is
Freeipa-users mailing list