Petr Vobornik wrote:
On 09/21/2016 11:25 PM, pgb205 wrote:
topology prior to deletion
master1<->master2
master2 deleted with ipa-server --uninstall command
During re-installation I get error that the replication agreement still exists
on master1.
I do see this using ipa-replica-manage list.
Tried deleting replication agreement with
ipa-replica-manage disconnect but receive 'no such replication agreement exist'
Force deletion and cleanup do not work
receive unexpected error: Server is unwilling to perform: database is read-only
removing directly from ldap gives me:
ldapdelete -r -x -D "cn=Directory Manager" -W
'cn=fqdn,cn=masters,cn=ipa,cn=etc,dc=domain,dc=com'
Enter LDAP Password:
ldap_delete: Server is unwilling to perform (53)
ldap_delete: Server is unwilling to perform (53)
additional info: database is read-only
But I am not sure if I'm not using correct path or if it's something else.
Might be related to Bug 826677 – IPA cannot remove disconnected replica data to
reconnect <https://bugzilla.redhat.com/show_bug.cgi?id=826677>
Bug 826677 – IPA cannot remove disconnected replica data to reconnect
<https://bugzilla.redhat.com/show_bug.cgi?id=826677>
run on master1:
ipa-csreplica-manage del master2 --force --clean
ipa-replica-manage del master2 --force --clean
In that order. First step only if master2 was installed with CA.
Those command should clean left-over data from master2.
In standard situation, recommended uninstallation procedure for IPAs
prior FreeIPA 4.4 is:
master1# ipa-csreplica-manage del master2
master1# ipa-replica-manage del master2
master2# ipa-server-install --uninstall
Ultimately the problem is that the database is set to read only.
$ ldapsearch -x -D 'cn=directory manager' -W -s base -b 'cn=userRoot,
cn=ldbm database, cn=plugins, cn=config' nsslapd-readonly
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
