On 06/08/2016 11:15 AM, Cal Sawyer wrote: > In /var/log/dirsrv/slapd-LOCALDOMAIN-LOCAL/errors on all IPA > master/replicas:, there's a multitude of these messages. There are no > other error messages and replication, from viewing access log, appears > to be working > > [08/Jun/2016:10:06:08 +0100] attrlist_replace - attr_replace > (nsslapd-referral, > ldap://ipa.localdomain.local:389/dc%3Dlocaldomain%2Cdc%3Dlocal) failed. > >> ipa-replica-manage list-ruv > > ipa.localdomain.local:389: 4 > ipa4.localdomain.local:389: 28 > ipa2.localdomain.local:389: 17 > ipa3.localdomain.local:389: 29 > ipa2.localdomain.local:389: 8 > > This is correct, yes? > > - c sawyer >
one of(probably 8): ipa2.localdomain.local:389: 17 ipa2.localdomain.local:389: 8 is incorrect. https://www.freeipa.org/page/Troubleshooting#Obsolete_RUV_records You need to identify which one is INCORRECT and then run ipa-replica-manage clean-ruv $incorrect command. The CORRECT one can identified with: ldapsearch -ZZ -h ipa2.localdomain.local -D "cn=Directory Manager" -W -b "dc=localdomain,dc=local" "(&(objectclass=nstombstone)(nsUniqueId=ffffffff-ffffffff-ffffffff-ffffffff))" | grep "nsDS5ReplicaId" -- Petr Vobornik -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
