On May 21, 2014, at 2:45 , Martin Kosek <[email protected]> wrote: > On 05/21/2014 08:36 AM, Davis Goodman wrote: >> Hi, >> >> Lately I’ve been having issues of replication between my server and my 2 >> replicas. >> >> I decided I was going to delete my 2 replicas and start over keeping my >> master intact. >> >> I wasn`t successfull in getting all 3 servers to replicate to each other. ( >> it used to work) >> >> I tried deleting 1 replica after the other one to always keep one of the >> two available. >> >> I had to delete manually the replica host on the master with a bunch of >> ldapdelete command which worked fine. >> >> But after many unsuccessful trials of getting everyone to sync I decided to >> delete my two replicas. >> >> I went back to my master to use the ldapdelete to remove both host`s records >> so that I could start over. >> >> Unfortunately now I’m getting this error. >> >> ldapdelete -x -D "cn=Directory Manager" -W >> cn=DNS,cn=freeipa02.mtl.domain.int,cn=masters,cn=ipa,cn=etc,dc=domain,dc=int >> Enter LDAP Password: >> ldap_delete: Server is unwilling to perform (53) >> additional info: database is read-only >> >> >> >> I’m kinda stuck now with no replicas and no DNS. I could restore the backup >> prior to the start of the operation but with a master in read-only mode it >> wouldn’t of much help. >> >> Any insights would be more than welcome. >> >> >> Davis > > Hi Davis, did maybe some of your ipa-replica-manage crashed in a middle of an > operation or an upgrade was interrupted and left the database put in read > only > mode? > > You can find out with this ldapsearch: > > ldapsearch -h `hostname` -D "cn=Directory Manager" -x -w kokos123 -b > 'cn=userRoot,cn=ldbm database,cn=plugins,cn=config' -s base > > Check for nsslapd-readonly, it should be put to "off" in normal operation. > > Martin Ok finally managed to modify the read-only flag. Could prepare my replicas and get them going. Everything seems fine but I’m getting this error while setting up the replicas. Should I be concerned about this one: Update in progress Update in progress Update in progress Update in progress Update in progress Update in progress Update succeeded [23/31]: adding replication acis [24/31]: setting Auto Member configuration [25/31]: enabling S4U2Proxy delegation ipa : CRITICAL Failed to load replica-s4u2proxy.ldif: Command '/usr/bin/ldapmodify -v -f /tmp/tmplpfMNG -H ldap://freeipa02.mtl.ddistrict.int:389 -x -D cn=Directory Manager -y /tmp/tmp4Svn9k' returned non-zero exit status 20 [26/31]: initializing group membership [27/31]: adding master entry [28/31]: configuring Posix uid/gid generation the rest seems to work fine.
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
