Re: [Freeipa-users] Problem with properly removing replica master from cluster

2016-07-07 Thread Christophe TREFOIS 
Hi Petr,

The cleaning task worked. No more errors.

Thanks for that.

Kind regards,

—
Christophe

Dr Christophe Trefois, Dipl.-Ing.  
Technical Specialist / Post-Doc

UNIVERSITÉ DU LUXEMBOURG

LUXEMBOURG CENTRE FOR SYSTEMS BIOMEDICINE
Campus Belval | House of Biomedicine  
6, avenue du Swing 
L-4367 Belvaux  
T: +352 46 66 44 6124 
F: +352 46 66 44 6949  
http://www.uni.lu/lcsb




This message is confidential and may contain privileged information. 
It is intended for the named recipient only. 
If you receive it in error please notify me and permanently delete the original 
message and any copies. 


  

> On 07 Jul 2016, at 18:06, Petr Vobornik  wrote:
> 
> On 07/04/2016 05:54 PM, Christophe TREFOIS wrote:
>> Dear all,
>> 
>> First of all, thanks to mbasti for helping out so far.
>> 
>> We have a 3-node master cluster (—setup-ca) on 4.1 and setup a 4th using 
>> 4.2.0 as we want to migrate there.
>> 
>> First, we had some orphan entries in ipa-replica-manage list. We removed 
>> those by manually removing the LDAP node + children in 
>> cn=etc,cn=ipa,cn=masters.
>> Then, we saw that there is still an orphan entry here:
>> 
>> ldapsearch -xLLL -D "cn=directory manager" -W -b dc=uni,dc=lu 
>> '(&(nsuniqueid=---)(objectclass=nstombstone))’
>> 
>> In particular, there is one ghost entry for nsDS5ReplicaBindDN
>> 
>> This is the details of ldapsearch -x -D 'cn=directory manager' -W -b 
>> 'cn=Replication Manager 
>> masterAgreement1-lums3.uni.lu-pki-tomcat,ou=csusers,cn=config'
>> 
>> Enter LDAP Password:
>> # extended LDIF
>> #
>> # LDAPv3
>> # base

Re: [Freeipa-users] Problem with properly removing replica master from cluster

2016-07-07 Thread Petr Vobornik 

On 07/04/2016 05:54 PM, Christophe TREFOIS wrote:

Dear all,

First of all, thanks to mbasti for helping out so far.

We have a 3-node master cluster (—setup-ca) on 4.1 and setup a 4th using 4.2.0 
as we want to migrate there.

First, we had some orphan entries in ipa-replica-manage list. We removed those 
by manually removing the LDAP node + children in cn=etc,cn=ipa,cn=masters.
Then, we saw that there is still an orphan entry here:

ldapsearch -xLLL -D "cn=directory manager" -W -b dc=uni,dc=lu 
'(&(nsuniqueid=---)(objectclass=nstombstone))’

In particular, there is one ghost entry for nsDS5ReplicaBindDN

This is the details of ldapsearch -x -D 'cn=directory manager' -W -b 
'cn=Replication Manager 
masterAgreement1-lums3.uni.lu-pki-tomcat,ou=csusers,cn=config'

Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base

[Freeipa-users] Problem with properly removing replica master from cluster

2016-07-04 Thread Christophe TREFOIS 
Dear all,

First of all, thanks to mbasti for helping out so far.

We have a 3-node master cluster (—setup-ca) on 4.1 and setup a 4th using 4.2.0 
as we want to migrate there.

First, we had some orphan entries in ipa-replica-manage list. We removed those 
by manually removing the LDAP node + children in cn=etc,cn=ipa,cn=masters.
Then, we saw that there is still an orphan entry here:

ldapsearch -xLLL -D "cn=directory manager" -W -b dc=uni,dc=lu 
'(&(nsuniqueid=---)(objectclass=nstombstone))’

In particular, there is one ghost entry for nsDS5ReplicaBindDN

This is the details of ldapsearch -x -D 'cn=directory manager' -W -b 
'cn=Replication Manager 
masterAgreement1-lums3.uni.lu-pki-tomcat,ou=csusers,cn=config'

Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base