Ludwig,
Thank you!
John DeSantis
2016-10-05 10:43 GMT-04:00 Ludwig Krispenz <lkris...@redhat.com>:
> Hi,
>
> the RUV in the replication agreement is maintained to control changelog
> trimming, no changes should be deleted from the changelog which have not
> been seen by
against
the
"cn=meTomaster.dom.dom.dom,cn=replica,cn=dc\3Ddom\2Cdc\3Ddom\2Cdc\3Ddom,cn=mapping
tree,cn=config" bases?
For reference, these are the commands I ran to get to state [1]:
# master
ldapmodify -x -W -h localhost -D "cn=directory manager" <https://www.redhat.co
commands I ran to get to state [1]:
# master
ldapmodify -x -W -h localhost -D "cn=directory manager" <https://www.redhat.com/archives/freeipa-users/2016-August/msg00331.html
[2] https://www.redhat.com/archives/freeipa-users/2015-June/msg00382.html
Thanks!
John DeSantis
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
ithout sleep statements. Not once did any more of
the replica_generate_next_csn messages appear.
For anyone else seeing similar issues, hopefully this information will help.
John DeSantis
[1] https://www.redhat.com/archives/freeipa-users/2014-November/msg00138.html
[2] https://www.redhat.c
39 DNS entries, and only the MASTER reported
"replica_generate_next_csn" entries.
Given the size of the logs, I think it would be pointless to do any
kind of sanitization. I'll go ahead and gzip them for you and email
you off-list.
I've labeled them as MASTER and REPLICA.
John DeSantis
50:49 -0400] conn=1395 op=4160
RESULT err=0 tag=103 nentries=0 etime=0 csn=57b4a4c30016
I'm positive that I was the only one performing DNS updates during
this time, and I was only using 1 console.
Thanks,
John DeSantis
2016-08-18 10:09 GMT-04:00 Ludwig Krispenz <lkris...@redhat.com>:
>
&g
t these questions are probably leaning more towards the
389ds team, so feel free to pass me over to them if need be.
Again, thank you very much for responding!
John DeSantis
2016-08-18 4:14 GMT-04:00 Ludwig Krispenz <lkris...@redhat.com>:
>
> On 08/17/2016 08:54 PM, John Desantis wrote:
s due to the
re-use of the entries, or if something else should be looked into.
Thank you,
John DeSantis
[1] https://fedorahosted.org/389/ticket/47959
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
] during this process. We
applied the patched code and followed the same process and all was
well.
John DeSantis
[1] https://fedorahosted.org/freeipa/ticket/4064
2015-06-05 11:12 GMT-04:00 Marc Wiatrowski w...@iglass.net:
hello,
I've got a problem with expired certificates in my ipa/IdM setup
.
The current dse.ldiff states that the nsslapd-sizelimit is 2,000.
Is it possible that IPA isn't respecting this value since the constant
number is 2,000? Is it safe to change this value via an ldapmodify?
Thank you!
John DeSantis
--
Manage your subscription for the Freeipa-users mailing list:
https
.
Given what you've said, I'll perform a work-around within the code to
get a list of active users from a database table vs. the current
method.
John DeSantis
2015-05-04 9:53 GMT-04:00 Rob Crittenden rcrit...@redhat.com:
John Desantis wrote:
Hello all!
I believe I may be falling victim
[?1034h-BEGIN CERTIFICATE-
I checked a few other random client nodes (and the master) and none of
them are showing this corruption in their requests.
I attempted to fix the corruption (editing the file) and subsequently
restart certmonger with no luck.
Thanks,
John DeSantis
Thanks,
John
,
John DeSantis
2015-01-06 15:50 GMT-05:00 John Desantis desan...@mail.usf.edu:
Hello all,
Looking at the various online documentation regarding certificate renewals:
http://www.freeipa.org/page/Howto/CA_Certificate_Renewal#Procedure_in_IPA_.3C_4.0
http://www.freeipa.org/page/Certmonger
https
:14:47 2015] [error] Re-negotiation handshake failed:
Not accepted by client!?
FWIW, all IPA services are running for now.
Any guidance would certainly be appreciated! If more information is
required, let me know and I'll paste it in a reply.
Thank you,
John DeSantis
--
Manage your subscription
.
Thank you!
John DeSantis
2014-10-23 9:34 GMT-04:00 Rich Megginson rmegg...@redhat.com:
On 10/23/2014 07:01 AM, John Desantis wrote:
Rob and Rich,
ipa-replica-manage del should have cleaned things up. You can clear out
old RUVs with ipa-replica-manage too via list-ruv and clean-ruv. You use
list
since the retrying went up to 14400 seconds.
Would this be a simple re-initialization from the master on the host
iparepbackup?
Thanks,
John DeSantis
2014-10-22 16:03 GMT-04:00 John Desantis desan...@mail.usf.edu:
Rob and Rich,
ipa-replica-manage del should have cleaned things up. You can
.
Do these two tombstone entries need to be deleted with ldapdelete
before we can re-provision host-in-question and add it back as a
replica?
Thank you,
John DeSantis
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http
Richard,
You helped me before in #freeipa, so I appreciate the assistance again.
What version of 389 are you using?
rpm -q 389-ds-base
389-ds-base-1.2.11.15-34.el6_5
Thanks,
John DeSantis
2014-10-22 12:09 GMT-04:00 Rich Megginson rmegg...@redhat.com:
On 10/22/2014 09:42 AM, John Desantis
DeSantis
2014-10-22 15:49 GMT-04:00 Rob Crittenden rcrit...@redhat.com:
Rich Megginson wrote:
On 10/22/2014 12:55 PM, John Desantis wrote:
Richard,
You should remove the unused ruv elements. I'm not sure why they
were not
cleaned. You may have to use cleanallruv manually.
https
19 matches
Mail list logo
