did you run the searches as directory manager ?
On 04/29/2015 04:34 PM, Andy Thompson wrote:
-----Original Message-----
From: Ludwig Krispenz [mailto:lkris...@redhat.com]
Sent: Wednesday, April 29, 2015 10:28 AM
To: Andy Thompson
Cc: thierry bordaz; Martin Kosek; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] deleting ipa user
can you do the followin search on both servers ?
ldapsearch -LLL -o ldif-wrap=no -h xxx p xxx -x -D "cn=directory manager" -
w xxx -b "dc=xxx.... "
"(&(objectclass=nstombstone)(nsuniqueid=7e1a1f87-e82611e4-99f1b343-
f0abc1a8))"
nscpentrywsi | grep -i objectClass
The server that I initially attempted the deletion on returns nothing. The
second server (the one currently throwing the consumer failed replay error)
returns this if I remove the nscpentrywsi attribute filter. If I leave the
attribute filter I don't get anything
objectClass: posixgroup
objectClass: ipaobject
objectClass: mepManagedEntry
objectClass: top
objectClass: nsTombstone
-andy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
