Re: [Freeipa-users] Removing a replica fails everytime
Steven Jones wrote: Hi, Seems the un-install option for ipa-server hangs at un-configuring/stopping the web server every timethe result is the master thinks it has a replication agreement but the replica doesnt..its then not possible to re-add the replica to the masterits starts to work but fails when it tries to sync the data...that bit doesnt seem to occur.. Can you investigate where it hangs? What is the last bit in the log? Is it that /sbin/service isn't returning? strace might be helpful. Now the assumption seems to be the dirsrv on the server being removed is running...in effect you can only un-install if the system is working...which isnt why you want to --uninstall. DSo if you lose a server and it has no dirsrv you cannot remove it from the master's "memory" so a bare metal restore cannot be added If a box goes away then you can remove references on the master it connected with using: ipa-replica-manage del --force ipa host-del Simple solution there needs to be a script or procedure that cleans the master properly. The solution is to figure out why your server is hanging. Nobody has ever reported seeing this before. rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Removing a replica fails everytime
any idea on this GSSAPI error? [root@vuwunicoipam001 ~]# ipa-replica-manage list vuwunicoipam002.ods.vuw.ac.nz: master vuwunicoipam005.ods.vuw.ac.nz: master vuwunicoipam003.ods.vuw.ac.nz: master vuwunicoipam004.ods.vuw.ac.nz: master vuwunicoipam001.ods.vuw.ac.nz: master [root@vuwunicoipam001 ~]# ipa-replica-manage del vuwunicoipam003.ods.vuw.ac.nz Unable to delete replica vuwunicoipam003.ods.vuw.ac.nz: {'info': 'SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Cannot contact any KDC for requested realm)', 'desc': 'Local error'} [root@vuwunicoipam001 ~]# I'd like to delete 4 and 5 as well as they are not masters regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Steven Jones [steven.jo...@vuw.ac.nz] Sent: Thursday, 14 June 2012 9:00 a.m. Cc: freeipa-users@redhat.com Subject: [Freeipa-users] Removing a replica fails everytime Hi, Seems the un-install option for ipa-server hangs at un-configuring/stopping the web server every timethe result is the master thinks it has a replication agreement but the replica doesnt..its then not possible to re-add the replica to the masterits starts to work but fails when it tries to sync the data...that bit doesnt seem to occur.. Now the assumption seems to be the dirsrv on the server being removed is running...in effect you can only un-install if the system is working...which isnt why you want to --uninstall. DSo if you lose a server and it has no dirsrv you cannot remove it from the master's "memory" so a bare metal restore cannot be added Simple solution there needs to be a script or procedure that cleans the master properly. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] Removing a replica fails everytime
Hi, Seems the un-install option for ipa-server hangs at un-configuring/stopping the web server every timethe result is the master thinks it has a replication agreement but the replica doesnt..its then not possible to re-add the replica to the masterits starts to work but fails when it tries to sync the data...that bit doesnt seem to occur.. Now the assumption seems to be the dirsrv on the server being removed is running...in effect you can only un-install if the system is working...which isnt why you want to --uninstall. DSo if you lose a server and it has no dirsrv you cannot remove it from the master's "memory" so a bare metal restore cannot be added Simple solution there needs to be a script or procedure that cleans the master properly. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users