On Tue, Apr 17, 2012 at 09:26, Rich Megginson <rmegg...@redhat.com> wrote:
> On 04/17/2012 07:26 AM, Dan Scott wrote:
>> On Fri, Apr 13, 2012 at 17:44, Rich Megginson<rmegg...@redhat.com>  wrote:
>>> On 04/13/2012 03:40 PM, Dan Scott wrote:
>>>> I cleaned up all the "ruv_compare_ruv: RUV [changelog max RUV] does
>>>> not contain element" errors in the logs for each of fileservers 1, 2
>>>> and 3. The ldapsearch for
>>>> '(&(nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff)(objectclass=nstombstone))'
>>>> is still showing entries though. Is that OK?
>>> The entry should exist, but the deleted servers should not be present in
>>> the
>>> nsds50ruv attribute.
>> OK, so it's safe to delete replica entries which have
>> ldap://fileserver4.ecg.mit.edu:389 (fileserver4 is not currently a
>> replica) but not for the other servers?
> Yes.  Following the CLEANRUV procedure:
> http://port389.org/wiki/Howto:CLEANRUV

Thanks. I think I'm getting there - removed the tombstones from the
main directory and the PKI-IPA directory (only one server so far
though). I still have a few strange entries though:

[root@fileserver1 ~]# ldapsearch -xLLL -D "cn=directory manager" -W -b
Enter LDAP Password:
dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,dc=ecg,dc=mit,dc=edu
objectClass: top
objectClass: nsTombstone
objectClass: extensibleobject
nsds50ruv: {replicageneration} 4e7b746e000000040000
nsds50ruv: {replica 6 ldap://fileserver1.ecg.mit.edu:389} 4f50e685001d00060000
nsds50ruv: {replica 43 ldap://fileserver2.ecg.mit.edu:389} 4f88cf450001002b000
 0 4f8d78140000002b0000
nsds50ruv: {replica 5 ldap://fileserver3.ecg.mit.edu:389} 4f5047ad001d00050000
nsds50ruv: {replica 4 ldap://fileserver3.ecg.mit.edu:389}
nsds50ruv: {replica 9 ldap://fileserver3.ecg.mit.edu:389}
nsds50ruv: {replica 8 ldap://fileserver3.ecg.mit.edu:389} 4f7363d2001d00080000
dc: ecg
nsruvReplicaLastModified: {replica 6 ldap://fileserver1.ecg.mit.edu:389} 4f8d7
nsruvReplicaLastModified: {replica 43 ldap://fileserver2.ecg.mit.edu:389} 4f8d
nsruvReplicaLastModified: {replica 5 ldap://fileserver3.ecg.mit.edu:389} 4f8d7
nsruvReplicaLastModified: {replica 4 ldap://fileserver3.ecg.mit.edu:389} 00000
nsruvReplicaLastModified: {replica 9 ldap://fileserver3.ecg.mit.edu:389} 00000
nsruvReplicaLastModified: {replica 8 ldap://fileserver3.ecg.mit.edu:389} 00000

Is it safe to run CLEANRUV on IDs 4 and 9? That still leaves me with 2
entries for fileserver3. How do I know which one to delete?

On my PKI-IPA server, the CLEANRUV task doesn't seem to work. It keeps
re-adding entries after I remove them. I have 3 entries for my
non-existent fileserver4 - They disappear when I remove them, but they
come back after a few minutes.



Freeipa-users mailing list

Reply via email to