On 09/04/2014 05:11 PM, Guillermo Fuentes wrote: Hello list, We’re running FreeIPA with a master and 3 replicas. The replication stopped working and currently we’re adding resources only to the master. This is the environment we have: m1: OS: CentOS release 6.5 FreeIPA: 3.0.0-37
Update: m2 and m3 are now in sync! After making sure ldapsearch was working both ways (m1=m2 and m1=m3) using the server's keytabs (/etc/dirsrv/ds.keytab) for getting the ticket, I re-initialize both replicas and they were able to get updated: @m2 # ipa-replica-manage re-initialize --from
Good to hear Guillermo, I am glad you are back up and running. I am just curious, what as the root cause of your replication errors in the end? I did not catch that from the thread. Is it something we can fix in FreeIPA or is it just a configuration error? Thanks, Martin On 09/05/2014 08:06
Hi Martin, That's a good question! We're not sure what was the root cause of the replication errors. When we realized the replication wasn't happening, we had recently updated FreeIPA from 3.0.0-36 to 3.0.0-37 (on CentOS 6.5) and we had shutdown m1 and m2 in order to do a snapshot of the VMs.
I should add that we already tried everything at https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html On Thu, Sep 4, 2014 at 11:11 AM, Guillermo Fuentes
sudo ipa-replica-conncheck --replica for all replicas comes back with ... The following UDP ports could not be verified as open: 88, 464 This can happen if they are already bound to an application and ipa-replica-conncheck cannot attach own UDP responder. Connection from master to replica is