The mystery continues. It seems it might be working, but in reality it's
not. The replica has stopped updating from the master and is unable to
talk to the LDAP server. I'm fairly certain this is a certificate
issue. However, my certs appear to be valid.

So far, the ipa-replica-manage command using the re-initialize or
force-sync is not fixing the problem. Copying the LDAP database from
the master to the replica has not worked. Where do I go from here?

# ipa-replica-manage list tierod.<domain-name> -v
fitch.<domain-name>: replica
  last init status: None
  last init ended: 1970-01-01 00:00:00+00:00
  last update status: Error (0) Replica acquired successfully: Incremental update succeeded
  last update ended: 2018-05-22 21:19:06+00:00
sump.<domain-name>: replica
  last init status: -1 - LDAP error: Can't contact LDAP server
  last init ended: 1970-01-01 00:00:00+00:00
  last update status: Error (-1) Problem connecting to replica - LDAP error: Can't contact LDAP server (connection error)
  last update ended: 1970-01-01 00:00:00+00:00

# ipa-replica-manage list sump.<domain-name> -v
Directory Manager password:
tierod.<domain-name>: replica
  last init status: None
  last init ended: 1970-01-01 00:00:00+00:00
  last update status: Error (0) Replica acquired successfully: Incremental update succeeded
  last update ended: 2018-05-22 21:09:22+00:00