Thank you for the reply. I think I just got frustrated. I uninstalled ipa on the dir2 replica then set it back up again as a replica. Everything seems to be replicating just fine without errors now. I know that this isn't the preferred or documented solution but i needed the server back online asap.
When i run "ipa-replica-manage list-ruv" i see dir2 listed twice. Is this a concern? [root@dir1 ipa]# ipa-replica-manage list-ruv dir1.example.com:389: 4 dir3.example.com:389: 5 dir2.example.com:389: 6 dir2.example.com:389: 8 On Tue, May 19, 2015 at 12:37 PM, Rich Megginson <[email protected]> wrote: > On 05/19/2015 10:10 AM, Megan . wrote: >> >> I'm struggling with a replication conflict. I had three masters, >> dir1, dir2, dir3. There were some weird issues with dir2 where I was >> getting "error 49 (Invalid credentials)" without any real >> information. > > > Where did you see this? command line output? Of what command? In a log > file? Which log file? Can you post the exact error message along with the > context? > >> When i did " ipa-replica-manage list-ruv" i saw dir2 >> twice. > > > Can you post the output? > >> I couldn't get it straight > > > What does "get it straight" mean? Does it mean you ran some commands? If > so, what commands did you run and what was the result? > >> so i decided to try to re-create >> the replica. I disconnected the replica, ran the del for the replica. >> When i check for replication conflicts i still see it in there and I >> can't seem to get it to go away. > > > Deleting and recreating the replica will not remove the replication conflict > if the conflict has been replicated to other servers. > > This document doesn't say anything about resolving replica conflict entries > by deleting and re-adding replicas: > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html > >> It only shows up on one of the >> remaining masters. >> >> I was trying to follow the documentation > > > The link above? > >> and use ldapmodify to change >> the dn to cn=olddir2.somewhere.example.something.com7475d90c but >> everything i seem to be trying doesn't work. > > > What exactly did you do? > >> >> I'm assuming this entry needs to be cleared up before i can >> successfully setup dir2 again as a replica. > > > No, not necessarily. > > >> >> Any help would be greatly appreciated. >> >> Thanks! >> >> >> [root@dir1 ~]# ldapsearch -x -D "cn=directory manager" -W -b >> "dc=somewhere,dc=example,dc=something,dc=com" "nsds5ReplConflict=*" \* >> nsds5ReplConflict >> Enter LDAP Password: >> # extended LDIF >> # >> # LDAPv3 >> # base <dc=somewhere,dc=example,dc=something,dc=com> with scope subtree >> # filter: nsds5ReplConflict=* >> # requesting: * nsds5ReplConflict >> # >> >> # dir2.somewhere.example.something.com + >> 7475d90c-f34911e4-99a0ab24-58022cdf, masters >> , ipa, etc, somewhere.example.something.com >> dn: >> cn=dir2.somewhere.example.something.com+nsuniqueid=7475d90c-f34911e4-99a0ab24-5802 >> >> 2cdf,cn=masters,cn=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com >> nsds5ReplConflict: namingConflict >> cn=dir2.somewhere.example.something.com,cn=masters,c >> n=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com >> objectClass: top >> objectClass: nsContainer >> cn: dir2.somewhere.example.something.com >> >> # search result >> search: 2 >> result: 0 Success >> >> # numResponses: 2 >> # numEntries: 1 >> > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
