Re: [Freeipa-users] secondary out of sync on DNS again [solved]

2017-01-11 Thread Outback Dingo
working through it slowly now... :) On Wed, Jan 11, 2017 at 11:22 AM, Martin Basti wrote: > Have you tried the ldapsearch from the guide I sent you? > > > > On 11.01.2017 17:03, Outback Dingo wrote: >> >> I am still seeing this, and the same message about LDAP >> >>

Re: [Freeipa-users] secondary out of sync on DNS again [solved]

2017-01-11 Thread Martin Basti
Have you tried the ldapsearch from the guide I sent you? On 11.01.2017 17:03, Outback Dingo wrote: I am still seeing this, and the same message about LDAP ./ipa_check_consistency -H ipa2.optimcloud.com -d OPTIMCLOUD.COM Directory Manager password: FreeIPA servers:ipa2STATE

Re: [Freeipa-users] secondary out of sync on DNS again [solved]

2017-01-11 Thread Outback Dingo
I am still seeing this, and the same message about LDAP ./ipa_check_consistency -H ipa2.optimcloud.com -d OPTIMCLOUD.COM Directory Manager password: FreeIPA servers:ipa2STATE = Active Users1 OK Stage Users 0 OK Preserved Users

Re: [Freeipa-users] secondary out of sync on DNS again [solved]

2017-01-11 Thread Martin Basti
Great :) On 11.01.2017 16:52, Outback Dingo wrote: damn... DMARC record removed, now synced On Wed, Jan 11, 2017 at 10:33 AM, Martin Basti wrote: Please try to create a new test user if it is replicated to other replicas. I see repl. conflicts please try to

Re: [Freeipa-users] secondary out of sync on DNS again

2017-01-11 Thread Outback Dingo
Jan 11 08:45:56 ipa2.optimcloud.com named-pkcs11[2493]: automatic empty zone: 123.100.IN-ADDR.ARPA Jan 11 08:45:56 ipa2.optimcloud.com named-pkcs11[2493]: automatic empty zone: 124.100.IN-ADDR.ARPA Jan 11 08:45:56 ipa2.optimcloud.com named-pkcs11[2493]: automatic empty zone: 125.100.IN-ADDR.ARPA

Re: [Freeipa-users] secondary out of sync on DNS again

2017-01-11 Thread Martin Basti
Please try to create a new test user if it is replicated to other replicas. I see repl. conflicts please try to investigate them, it may cause a missing zone

Re: [Freeipa-users] secondary out of sync on DNS again

2017-01-11 Thread Outback Dingo
Not realliy, not like last time but [root@ipa2 ~]# cd ipa_check_consistency/ [root@ipa2 ipa_check_consistency]# ./ipa_check_consistency -H ipa2.optimcloud.com -d OPTIMCLOUD.COM Directory Manager password: FreeIPA servers:ipa2STATE = Active Users1

Re: [Freeipa-users] secondary out of sync on DNS again

2017-01-11 Thread Martin Basti
On 11.01.2017 15:32, Outback Dingo wrote: not sure why, but the secondary freeipa server is out of sync by a long shot now, missing dns domains and A records... tried ipa-replica-manage force-sync --from ipa.optimcloud.com doesnt seem to be working HELP! Do you see any errors in