
I'm still trying to wrap my head around the master-replica concept.

>From what I read in the documentation (Chapter 4 of

the replica should be able to take over as master should master go offline.

Our replica was set up with CA & without DNS - the same as master, and it
seems to be working on the whole.

The problem I'm having is in the replication.
create user on master:

ipa user-add master_test_user --first=MT --last=ML

create user on replica:

ipa user-add replica_test_user --first=RT --last=RL

find user on master:

[root@vmpr-linuxidm ~]# ipa user-find test_user
2 users matched
  User login: master_test_user
  First name: MT
  Last name: ML
  Home directory: /home/master_test_user
  Login shell: /bin/bash
  Principal name: master_test_u...@unix.domain.com
  Principal alias: master_test_u...@unix.domain.com
  Email address: master_test_u...@domain.com
  UID: 1718800021
  GID: 1718800021
  Account disabled: False

  User login: replica_test_user
  First name: RT
  Last name: RL
  Home directory: /home/replica_test_user
  Login shell: /bin/bash
  Principal name: replica_test_u...@unix.domain.com
  Principal alias: replica_test_u...@unix.domain.com
  Email address: replica_test_u...@domain.com
  UID: 1718850502
  GID: 1718850502
  Account disabled: False
Number of entries returned 2

find user on replica:
[root@vmdr-linuxidm ~]# ipa user-find test_user
1 user matched
  User login: replica_test_user
  First name: RT
  Last name: RL
  Home directory: /home/replica_test_user
  Login shell: /bin/bash
  Principal name: replica_test_u...@unix.domain.com
  Principal alias: replica_test_u...@unix.domain.com
  Email address: replica_test_u...@domain.com
  UID: 1718850502
  GID: 1718850502
  Account disabled: False
Number of entries returned 1

If I run ipa user-add on the replica, I see it upstream on master, but if I
run ipa add-user on the master, that's not replicated down to the replica.

Also, ipa user-del (even with --no-preserve) works on master, but doesn't
delete the user on the replica.

What has gone wrong?


"The antidote to apocalypticism is *apocalyptic civics*. Apocalyptic civics
is the insistence that we cannot ignore the truth, nor should we panic
about it. It is a shared consciousness that our institutions have failed
and our ecosystem is collapsing, yet we are still here — and we are
creative agents who can shape our destinies. Apocalyptic civics is the
conviction that the only way out is through, and the only way through is
together. "

*Greg Bloom* @greggish
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to