Steven Jones wrote:

1) Fresh replica key
2) attempt to join with the ipa-manage-replica key command; this fails
3) Check the 2nd server's dirsrv is running (service dirsrv status), if not 
start it with service dirsrv start
4) run ipa-replica-manage force-sync --from ipa1 on ipa2
5) Check the 2nd server's dirsrv is still running
6) On Ipa1 (the master) run ipa-replica-manage del ipam002
7) run ipa-server-install --uninstall on ipam002
8) run ipa-server-install and this seems to succeed

I still don't understand. What is step #1? You add a new replica by doing an ipa-replica-prepare and ipa-replica-install. Is that what you mean? I don't understand why ipa-replica-manage would come into play when adding a new replica.

So far 1 to 2 and 2 to 1 replication is running HOWEVER replication on 2 to 3 
does NOT work.....1 to 3 does and 3 to 1 does. I tried running 
ipa-replica-manage force-sync --from ipam1 but this won't sync, yet it used 

So when adding 2 back in replication 1 to 3 I tried removing 3 
and re-adding and that failed.....I get a GSSAPI error....

If you delete a replica you need to restart the dirsrv service on any masters it was connected to. 389-ds caches the GSSAPI credentials and re-installing a replica will generate new ones which won't get picked up until a restart.

