Hello. I have four IPA servers replicating in full mesh. All four servers are running ipa-server-4.2.0-15.0.1.el7_2.19.x86_64.
This was working for some time but now I see that no replication is occurring automatically at present. When I update a user attribute on an IPA server, I see errors like these: [22/Sep/2016:16:53:49 -0700] attrlist_replace - attr_replace (nsslapd-referral, ldap://ldap03.xx.com:389/o%3Dipaca) failed. [22/Sep/2016:16:58:56 -0700] NSMMReplicationPlugin - agmt="cn=masterAgreement1-ldap03.xx.com-pki-tomcat" (ldap03:389): Incremental update failed and requires administrator action I can reinitialize without errors. ipa-csreplica-manage re-initialize --from=ldap01.xx.com <http://ldap04.us.oracle.com/> ipa-replica-manage re-initialize --from=ldap01.xx.com Afterwards I see my attribute (and other) changes are replicated on each server I re-initialize from. But subsequently, replication doesn’t seem to be happening. I reinitialized according to the steps in Table 8.7, “Replication Errors”, but subsequent replication isn’t occurring. Any suggestions? Is it safe to identify one of my four servers as containing up-to-date data, then sever and reinstate replication relationships with the other three? Mike
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
