Kelly Fergason via FreeIPA-users wrote:
Hello all,
I have inherited an IPA setup that has some issues. I was unfamiliar with the IPA software, but am learning a lot really fast. They had 4 servers, ipa01-04. Replication went from 01 to 02 to 03, and I don't recall how 04 was updated.
Replication stopped working from ipa01 to ipa02, and I have not been able to get it going again. At this time, we have one working ipa server, with no redundancy. Ipa02 and 03 are shut down at the moment; ipa04 was rebuilt and I used it to try to create a new replica.
I have tried to reinitialize the replication to ipa02, and I have tried to create new replicas. These are set as domainlevel 1, so the process is to create a replica by promoting a client.
The general process used here was to clear up any replication agreements between servers and attempt to reinitialize or install the new replica. It pretty much always fails the same way.
We had a consultant work with us, and they were unable to determine what the problem was.
Some basics about the setup. We are running Oracle Linux 7.9, ipa-server 4.6.8-5.0.1. I have also tried Oracle Linux 8, and ipa-server 4.9.10, but there is no difference. DNS is not managed by the ipa server.
Replication seems to be the basis for DR and upgrading, so it would be really nice to get this working again.
I am attaching the console output of the ipa-replica-install command, and the install log file. Any insights as to how to get this going again would be greatly appreciated. If anyone needs more information, please let me know.
We need to see the 389-ds access and error logs for the respective servers.
rob