uot;freeipa-users@redhat.com"
Subject: Re: [Freeipa-users] Replica without CA: implications?
You need to identify which one is INCORRECT and then run
ipa-replica-manage clean-ruv $incorrect command.
The CORRECT one can identified with:
ldapsearch -ZZ -h ipa2.localdomain.local -D "
Thanks very much for this, Petr.
[08/Jun/2016:12:28:42 +0100] NSMMReplicationPlugin - CleanAllRUV Task
(rid 8): Successfully cleaned rid(8).
on master and all replicas. Voila - all error logs are now quiet
Cal Sawyer | Systems Engineer | BlueBolt Ltd
15-16 Margaret Street | London W1W 8RW
+4
On 06/08/2016 11:15 AM, Cal Sawyer wrote:
> In /var/log/dirsrv/slapd-LOCALDOMAIN-LOCAL/errors on all IPA
> master/replicas:, there's a multitude of these messages. There are no
> other error messages and replication, from viewing access log, appears
> to be working
>
> [08/Jun/2016:10:06:08 +0100
On 06/08/2016 11:05 AM, Cal Sawyer wrote:
>
> On 08/06/16 09:23, Martin Kosek wrote:
>> On 06/07/2016 04:10 PM, Cal Sawyer wrote:
>> ...
>>> I found that installing a replica with firewalld enabled would consistently
>>> fail
>>> during initial replication. Disabling firewalld always allowed repl
In /var/log/dirsrv/slapd-LOCALDOMAIN-LOCAL/errors on all IPA
master/replicas:, there's a multitude of these messages. There are no
other error messages and replication, from viewing access log, appears
to be working
[08/Jun/2016:10:06:08 +0100] attrlist_replace - attr_replace
(nsslapd-referr
On 08/06/16 09:23, Martin Kosek wrote:
On 06/07/2016 04:10 PM, Cal Sawyer wrote:
...
I found that installing a replica with firewalld enabled would consistently fail
during initial replication. Disabling firewalld always allowed replication and
later stages to complete
[24/38]: settin
On 06/07/2016 04:10 PM, Cal Sawyer wrote:
...
> I found that installing a replica with firewalld enabled would consistently
> fail
> during initial replication. Disabling firewalld always allowed replication
> and
> later stages to complete
>
>[24/38]: setting up initial replication
>
For the benefit, or added confusion, of future generations, some
observations
ipa-ca-install, run successful replica instantiation w/o --setup-ca
fails consistently with the errors in my orig post. Never figured out
what the script was finding that needed purging. After a multitude of
attemp
Cal Sawyer wrote:
Apologies for the lengthy pause in getting back onto this. I ended up
destroying the replica and reprovisioning frmm scratch, but the replica
still lists as being CA-less.
Is what i'm seeing normal? Would this 2-node setup in this state
survive failure of the master?
It wil
Apologies for the lengthy pause in getting back onto this. I ended up
destroying the replica and reprovisioning frmm scratch, but the replica
still lists as being CA-less.
Is what i'm seeing normal? Would this 2-node setup in this state
survive failure of the master?
-
ON
On Wed, 2016-03-09 at 15:59 +, Cal Sawyer wrote:
> Hi
>
> Somehow i picked the wrong cookbook when i provisioned my first (and
> only) replica and it lacks CA aso, as pointed out in a recent thread,
> creates a single point of failure. Not ready to set up more 2 replicas
> yet and am still
11 matches
Mail list logo
