Additionally, On Replica UI, I am getting below Error Message: IPA Error 4301: CertificateOperationError
Certificate operation cannot be completed: Unable to communicate with CMS (Not Found) *Best Regards,* *__________________________________________* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> <https://twitter.com/checkwithyogesh> <http://google.com/+YogeshSharmaOnGooglePlus> On Fri, Oct 30, 2015 at 4:16 PM, Yogesh Sharma <yks0...@gmail.com> wrote: > Team, > > Noticed that user created on IPA Master are not replicating on Replica. > > Also, we create a new Zone in Master, However we do not see the same in > replica server. > > > Below is the information: > > From Master: > > [root@ipa-inf-prd-ng2-01 ~]# ipa-replica-manage list -v > ipa-inf-prd-ng2-01.klikpay.int > Directory Manager password: > > ipa-inf-prd-ng2-02.klikpay.int: replica > last init status: None > last init ended: None > last update status: -1 Unable to acquire replicaLDAP error: Can't > contact LDAP server > last update ended: None > [root@ipa-inf-prd-ng2-01 ~]# > > > > From Replica: > > > [root@ipa-inf-prd-ng2-02 ~]# ipa-replica-manage list -v > ipa-inf-prd-ng2-02.klikpay.int > Directory Manager password: > > ipa-inf-prd-ng2-01.klikpay.int: replica > last init status: None > last init ended: None > last update status: 0 Replica acquired successfully: Incremental update > succeeded > last update ended: 2015-10-30 10:36:25+00:00 > [root@ipa-inf-prd-ng2-02 ~]# > > > Though it says it is replicated (last update ended), We are not seeing new > users and the new DNS Zone which we created > > > I also tried force replication, though I can not see the new Changes: > > [root@ipa-inf-prd-ng2-02 ~]# ipa-replica-manage force-sync --from > ipa-inf-prd-ng2-01.klikpay.int > Directory Manager password: > > ipa: INFO: Setting agreement > cn=meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping > tree,cn=config schedule to 2358-2359 0 to force synch > ipa: INFO: Deleting schedule 2358-2359 0 from agreement cn= > meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping > tree,cn=config > [root@ipa-inf-prd-ng2-02 ~]# > > > Once I do re-initialization, it gives "Can't Contact LDAP Server" > > [root@ipa-inf-prd-ng2-02 ~]# ipa-replica-manage re-initialize --from > ipa-inf-prd-ng2-01.klikpay.int > Directory Manager password: > > ipa: INFO: Setting agreement > cn=meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping > tree,cn=config schedule to 2358-2359 0 to force synch > ipa: INFO: Deleting schedule 2358-2359 0 from agreement cn= > meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping > tree,cn=config > > [ipa-inf-prd-ng2-01.klikpay.int] reports: Update failed! Status: [-1 - > LDAP error: Can't contact LDAP server] > > > > > *Best Regards,* > > *__________________________________________* > > *Yogesh Sharma* > *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in > <http://www.initd.in/> * > > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* > > <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> > <https://twitter.com/checkwithyogesh> > <http://google.com/+YogeshSharmaOnGooglePlus> >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
