subject:"\[Freeipa\-users\] getting rid of nsds5ReplConflict"

Re: [Freeipa-users] getting rid of nsds5ReplConflict

2015-05-19 Thread Rich Megginson

On 05/19/2015 10:10 AM, Megan . wrote:

I'm struggling with a replication conflict. I had three masters,
dir1, dir2, dir3. There were some weird issues with dir2 where I was
getting error 49 (Invalid credentials) without any real
information.

Where did you see this? command line output? Of what command? In a
log file? Which log file? Can you post the exact error message along
with the context?

When i did ipa-replica-manage list-ruv i saw dir2
twice.

Can you post the output?

I couldn't get it straight

What does get it straight mean? Does it mean you ran some commands?
If so, what commands did you run and what was the result?

so i decided to try to re-create
the replica. I disconnected the replica, ran the del for the replica.
When i check for replication conflicts i still see it in there and I
can't seem to get it to go away.

Deleting and recreating the replica will not remove the replication
conflict if the conflict has been replicated to other servers.

This document doesn't say anything about resolving replica conflict
entries by deleting and re-adding replicas:

https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html

It only shows up on one of the
remaining masters.

I was trying to follow the documentation

The link above?

and use ldapmodify to change
the dn to cn=olddir2.somewhere.example.something.com7475d90c but
everything i seem to be trying doesn't work.

What exactly did you do?

I'm assuming this entry needs to be cleared up before i can
successfully setup dir2 again as a replica.

No, not necessarily.

Any help would be greatly appreciated.

Thanks!

[root@dir1 ~]# ldapsearch -x -D cn=directory manager -W -b
dc=somewhere,dc=example,dc=something,dc=com nsds5ReplConflict=* \*
nsds5ReplConflict
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base dc=somewhere,dc=example,dc=something,dc=com with scope subtree
# filter: nsds5ReplConflict=*
# requesting: * nsds5ReplConflict
#

# dir2.somewhere.example.something.com +
7475d90c-f34911e4-99a0ab24-58022cdf, masters
, ipa, etc, somewhere.example.something.com
dn:
cn=dir2.somewhere.example.something.com+nsuniqueid=7475d90c-f34911e4-99a0ab24-5802
2cdf,cn=masters,cn=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
nsds5ReplConflict: namingConflict
cn=dir2.somewhere.example.something.com,cn=masters,c
n=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
objectClass: top
objectClass: nsContainer
cn: dir2.somewhere.example.something.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] getting rid of nsds5ReplConflict

2015-05-19 Thread Megan .

Thank you for the reply. I think I just got frustrated. I
uninstalled ipa on the dir2 replica then set it back up again as a
replica. Everything seems to be replicating just fine without errors
now. I know that this isn't the preferred or documented solution but
i needed the server back online asap.

When i run ipa-replica-manage list-ruv i see dir2 listed twice. Is
this a concern?

[root@dir1 ipa]# ipa-replica-manage list-ruv
dir1.example.com:389: 4
dir3.example.com:389: 5
dir2.example.com:389: 6
dir2.example.com:389: 8

On Tue, May 19, 2015 at 12:37 PM, Rich Megginson rmegg...@redhat.com wrote:
On 05/19/2015 10:10 AM, Megan . wrote:

Where did you see this? command line output? Of what command? In a log
file? Which log file? Can you post the exact error message along with the
context?

When i did ipa-replica-manage list-ruv i saw dir2
twice.

Can you post the output?

I couldn't get it straight

What does get it straight mean? Does it mean you ran some commands? If
so, what commands did you run and what was the result?

Deleting and recreating the replica will not remove the replication conflict
if the conflict has been replicated to other servers.

This document doesn't say anything about resolving replica conflict entries
by deleting and re-adding replicas:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html

It only shows up on one of the
remaining masters.

I was trying to follow the documentation

The link above?

and use ldapmodify to change
the dn to cn=olddir2.somewhere.example.something.com7475d90c but
everything i seem to be trying doesn't work.

What exactly did you do?

I'm assuming this entry needs to be cleared up before i can
successfully setup dir2 again as a replica.

No, not necessarily.

Any help would be greatly appreciated.

Thanks!

2cdf,cn=masters,cn=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
nsds5ReplConflict: namingConflict
cn=dir2.somewhere.example.something.com,cn=masters,c
n=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
objectClass: top
objectClass: nsContainer
cn: dir2.somewhere.example.something.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] getting rid of nsds5ReplConflict

2015-05-19 Thread Rich Megginson

On 05/19/2015 12:27 PM, Megan . wrote:

When i run ipa-replica-manage list-ruv i see dir2 listed twice. Is
this a concern?

No. When you get a chance, you can remove the one that is no longer
used with the documented clean ruv procedure. I believe there is an ipa
command for that.

[root@dir1 ipa]# ipa-replica-manage list-ruv
dir1.example.com:389: 4
dir3.example.com:389: 5
dir2.example.com:389: 6
dir2.example.com:389: 8

On Tue, May 19, 2015 at 12:37 PM, Rich Megginson rmegg...@redhat.com wrote:

On 05/19/2015 10:10 AM, Megan . wrote:

Where did you see this? command line output? Of what command? In a log
file? Which log file? Can you post the exact error message along with the
context?

When i did ipa-replica-manage list-ruv i saw dir2
twice.

Can you post the output?

I couldn't get it straight

What does get it straight mean? Does it mean you ran some commands? If
so, what commands did you run and what was the result?

Deleting and recreating the replica will not remove the replication conflict
if the conflict has been replicated to other servers.

It only shows up on one of the
remaining masters.

I was trying to follow the documentation

The link above?

and use ldapmodify to change
the dn to cn=olddir2.somewhere.example.something.com7475d90c but
everything i seem to be trying doesn't work.

What exactly did you do?

I'm assuming this entry needs to be cleared up before i can
successfully setup dir2 again as a replica.

No, not necessarily.

Any help would be greatly appreciated.

Thanks!

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] getting rid of nsds5ReplConflict

2015-05-19 Thread Rob Crittenden


Megan . wrote:

Thank you for the reply.  I think I just got frustrated.  I
uninstalled ipa on the dir2 replica then set it back up again as a
replica.  Everything seems to be replicating just fine without errors
now.  I know that this isn't the preferred or documented solution but
i needed the server back online asap.

When i run ipa-replica-manage list-ruv i see dir2 listed twice.  Is
this a concern?

[root@dir1 ipa]# ipa-replica-manage list-ruv
dir1.example.com:389: 4
dir3.example.com:389: 5
dir2.example.com:389: 6
dir2.example.com:389: 8


You should clean it up using the clean-ruv option of ipa-replica-manage.

You should bind as Directory Manager and look in cn=mapping 
tree,cn=config for nsDS5ReplicaId you'll be able to see the active IDs. 
I'd guess that 6 is the one to be removed but a search will tell you for 
sure.


rob

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] getting rid of nsds5ReplConflict

2015-05-19 Thread Megan .

I'm struggling with a replication conflict.  I had three masters,
dir1, dir2, dir3.  There were some weird issues with dir2 where I was
getting  error 49 (Invalid credentials) without any real
information.  When i did  ipa-replica-manage list-ruv i saw dir2
twice.  I couldn't get it straight so i decided to try to re-create
the replica.  I disconnected the replica, ran the del for the replica.
When i check for replication conflicts i still see it in there and I
can't seem to get it to go away.  It only shows up on one of the
remaining masters.

I was trying to follow the documentation and use ldapmodify to change
the dn to cn=olddir2.somewhere.example.something.com7475d90c but
everything i seem to be trying doesn't work.

I'm assuming this entry needs to be cleared up before i can
successfully setup dir2 again as a replica.

Any help would be greatly appreciated.

Thanks!


[root@dir1 ~]# ldapsearch -x -D cn=directory manager -W -b
dc=somewhere,dc=example,dc=something,dc=com nsds5ReplConflict=* \*
nsds5ReplConflict
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base dc=somewhere,dc=example,dc=something,dc=com with scope subtree
# filter: nsds5ReplConflict=*
# requesting: * nsds5ReplConflict
#

# dir2.somewhere.example.something.com +
7475d90c-f34911e4-99a0ab24-58022cdf, masters
 , ipa, etc, somewhere.example.something.com
dn: 
cn=dir2.somewhere.example.something.com+nsuniqueid=7475d90c-f34911e4-99a0ab24-5802
 2cdf,cn=masters,cn=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
nsds5ReplConflict: namingConflict
cn=dir2.somewhere.example.something.com,cn=masters,c
 n=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
objectClass: top
objectClass: nsContainer
cn: dir2.somewhere.example.something.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] getting rid of nsds5ReplConflict

Re: [Freeipa-users] getting rid of nsds5ReplConflict

Re: [Freeipa-users] getting rid of nsds5ReplConflict

Re: [Freeipa-users] getting rid of nsds5ReplConflict

[Freeipa-users] getting rid of nsds5ReplConflict

5 matches

Site Navigation

Mail list logo

Footer information