On 09/04/2014 05:11 PM, Guillermo Fuentes wrote:
Hello list,
We’re running FreeIPA with a master and 3 replicas. The replication
stopped working and currently we’re adding resources only to the
master. This is the environment we have:
m1:
OS: CentOS release 6.5
FreeIPA: 3.0.0-37
On 09/04/2014 10:31 PM, Ron wrote:
So I tried to delete an entry on IPA01 without success:
[root@ipa01 ~]# ldapdelete -D
uid=admin,cn=users,cn=accounts,dc=,dc=abc,dc=ca -W -x
cn=userxyz+nsuniqueid=62c9c682-32ce11e4-8c13b928-a98b9061,cn=groups,cn=accounts,dc=,dc=abc,dc=ca
Enter LDAP
On 09/04/2014 11:24 PM, Andrew Krause wrote:
I realize this question has been brought forth previously, but I am
unable to find a clear answer. I have a 389-ds environment that is
serving as an authentication back end for a python application. The
plan was to use this as a kind of SSO for
On 09/05/2014 02:54 AM, Andrew Krause wrote:
I realize this question has been brought forth previously, but I am
unable to find a clear answer. I have a 389-ds environment that is
serving as an authentication back end for a python application. The
plan was to use this as a kind of SSO for
On 09/05/2014 12:44 AM, Martin Kosek wrote:
On 09/04/2014 10:31 PM, Ron wrote:
So I tried to delete an entry on IPA01 without success:
[root@ipa01 ~]# ldapdelete -D
uid=admin,cn=users,cn=accounts,dc=,dc=abc,dc=ca -W -x
On 09/05/2014 03:32 AM, Sankar Ramlingam wrote:
On 09/05/2014 02:54 AM, Andrew Krause wrote:
I realize this question has been brought forth previously, but I am
unable to find a clear answer. I have a 389-ds environment that is
serving as an authentication back end for a python application.
I've got an odd situation with one of our networks. Our systems are
properly registered in DNS within IPA, and the web interface and IPA
queries work to resolve the hosts, but named isn't playing along with us.
[root@ipa1 data]# ipa dnsrecord-find foo.net --name=asterisk
Record name:
Hello,
On 5.9.2014 18:14, Bret Wortman wrote:
I've got an odd situation with one of our networks. Our systems are properly
registered in DNS within IPA, and the web interface and IPA queries work to
resolve the hosts, but named isn't playing along with us.
[root@ipa1 data]# ipa dnsrecord-find
Update:
m2 and m3 are now in sync!
After making sure ldapsearch was working both ways (m1=m2 and
m1=m3) using the server's keytabs (/etc/dirsrv/ds.keytab) for
getting the ticket, I re-initialize both replicas and they were able
to get updated:
@m2 # ipa-replica-manage re-initialize --from
Good to hear Guillermo, I am glad you are back up and running. I am just
curious, what as the root cause of your replication errors in the end? I did
not catch that from the thread. Is it something we can fix in FreeIPA or is it
just a configuration error?
Thanks,
Martin
On 09/05/2014 08:06
Hi Martin,
That's a good question! We're not sure what was the root cause of the
replication errors.
When we realized the replication wasn't happening, we had recently
updated FreeIPA from 3.0.0-36 to 3.0.0-37 (on CentOS 6.5) and we had
shutdown m1 and m2 in order to do a snapshot of the VMs.
So, just for completeness in case someone else experiences the same
issue, what I did in the end was install JXplorer and then use it to
delete the problem entries. They appeared as (for example):
nsuniqueid=4034e309-d63711e3-9b7eb928-a98b9061+uid=disk100,cn=users,cn=accounts,dc=xxx,dc=abc,dc=ca
12 matches
Mail list logo
