Hello François,
Thanks for replying.
I did notice in some post from 2015 about ldap with some rudimentary
ldap command. My ldap knowlegedge is truth be told not awesome (Yet, but
learning).
No matter how much I tortured ldapsearch I was unable to match pretty
much anything. Not even the other two servers, so something is
fundamentally wrong in my query.
Even if I hit gold (in terms of finding something in ldap) removing it
would even be as difficult.
I am willing to learn but ldap and me were never best friends.
Thanks!
-Chris.
On 22/06/2019 11:47, François Cami wrote:
Hi Christian,
On Sat, Jun 22, 2019 at 12:13 AM Christian Reiss via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
>
> Hey folks,
>
> In my Test-Setup I have the following:
>
>
srv1.auth.alpha-labs.net
>
srv2.auth.alpha-labs.net
>
srv3.auth.alpha-labs.net
>
> srv1 is the freshly installed master.
> srv2 is a client, promoted to replication via ipa-replica-install.
> srv3 failed with ipa-replica-install. Now I can't proceed past:
>
> -- 8< -- -- 8< -- -- 8< -- -- 8< -- -- 8< -- -- 8< -- --
8< --
> [root@srv3 ~]# ipa-replica-install
> ipaserver.install.installutils: ERROR Unable to resolve the IP
> address 10.1.2.10 to a host name, check /etc/hosts and DNS name resolution
> Your system may be partly configured.
> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>
> ipapython.admintool: ERROR A replication agreement for this host
> already exists. It needs to be removed.
> Run this command:
> %% ipa-replica-manage del
srv3.auth.alpha-labs.net --force
> ipapython.admintool: ERROR The ipa-replica-install command failed.
> See /var/log/ipareplica-install.log for more information
> -- 8< -- -- 8< -- -- 8< -- -- 8< -- -- 8< -- -- 8< -- --
8< --
>
> I tried (on srv1):
>
> - ipa-replica-manage del
srv3.auth.alpha-labs.net --cleanup --force
> - ipa-replica-manage disconnect
srv3.auth.alpha-labs.net
> - ipa-replica-manage del
srv3.auth.alpha-labs.net --force -v --no-lookup
> - ipa-replica-manage clean-dangling-ruv
> - ipa-replica-manage del --force
srv3.auth.alpha-labs.net
>
> As this is just a test setup I can easily drop everything and start
> over, but I really wonder how to fix that once we go live with a real setup.
Please search your ldap tree (using ldapsearch with admin credentials)
for remaining objects containing the to-delete server hostname.
You should find the replication agreements there.
If unsure of what to do next please reply to the list.
François
> Thanks in advance!
> Enjoy your weekend!
> -Chris.
>
> --
> Christian Reiss - email(a)christian-reiss.de /"\ ASCII Ribbon
> support(a)alpha-labs.net \ / Campaign
> X against HTML
> WEB
alpha-labs.net / \ in eMails
>
> GPG Retrieval
https://gpg.christian-reiss.de
> GPG ID ABCD43C5, 0x44E29126ABCD43C5
> GPG fingerprint = 9549 F537 2596 86BA 733C A4ED 44E2 9126 ABCD 43C5
>
> "It's better to reign in hell than to serve in heaven.",
> John Milton, Paradise lost.
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
--
Christian Reiss - email(a)christian-reiss.de /"\ ASCII Ribbon
support(a)alpha-labs.net \ / Campaign
X against HTML
WEB
alpha-labs.net / \ in eMails
GPG Retrieval
https://gpg.christian-reiss.de
GPG ID ABCD43C5, 0x44E29126ABCD43C5
GPG fingerprint = 9549 F537 2596 86BA 733C A4ED 44E2 9126 ABCD 43C5
"It's better to reign in hell than to serve in heaven.",
John Milton, Paradise lost.