Shashi Dahal wrote:
> Hi Rob,
> From server A and server B(itself), if I give that command, i get:
> last update status: -1 - LDAP error: Can't contact LDAP server
I'd start with checking basic connectivity to ensure that A/B can talk
to port 389 on C.
> From server C, I get:
> Cannot find cab0558.sdn1.ams1.spil in public server list
This suggests that even C doesn't think it is a master.
# ipa-replica-manage list
On C will show what it thinks is the list of available masters.
I'd also look at the replication agreements that C has:
# ldapsearch -x -D 'cn=directory manager' -W -b 'cn=mapping tree,cn=config'
> Please let me know what steps to do next. I am completely lost.
> From: Rob Crittenden [rcrit...@redhat.com]
> Sent: Thursday, October 30, 2014 4:31 PM
> To: Shashi Dahal; email@example.com
> Subject: Re: [Freeipa-users] adding replication agreements
> Shashi Dahal wrote:
>> I have ipa master server: A
>> and I have 2 ipa replicas: B and C
>> replica B crashed, so it was deleted from A and recreated using
>> ipa-replica-parepare to generate the file and set it up from there.
>> in server A B and C, if I do ipa-replica-manage list
>> serverA lists A B and C as master
>> serverB lists A B and C as master
>> serverC lists only A and C as master .. B is missing.
>> trying the command ipa-replica-manage connect B from serverC
>> gives: You cannot connect to a previously deleted master
>> now how do I add trust relationship between C and B ?
> I changed the subject as this isn't trust, it's replication. I don't
> want to be pedantic but there is a significant difference.
> What I'd do, on each master, is this:
> ipa-replica-manage list -v `hostname`
> I think you'll find that C isn't getting updates. The masters list is
> stored in LDAP so if C doesn't know that B exists it likely means that
> its data is stale.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project