Any help here, freeIPA giving me a hard time. I am not able to remove bad replicas. I have tried all possible options and google + chatGPT whatever I can do but none helping. is there any way I can remove bad replicas from my freeIPA?
On Thu, May 16, 2024 at 11:00 AM Satish Patel satish.txt@gmail.com wrote:
Hi Florence,
I have run all the possible commands but that thing isn't going away :( Even I even tried to search inside ldapsearch to see if I can manually remove them from ldap DB but it's not there either. I don't know who is holding this information.
[root@ldap-vx-010101-4 ~]# ipa-replica-manage del ldap-vx-010103-4.site5.example.com --clean --force ipa: WARNING: Forcing removal of ldap-vx-010103-4.site5.example.com ipa: WARNING: Ignoring topology connectivity errors. ipa: WARNING: Ignoring these warnings and proceeding with removal ipa: WARNING: Failed to cleanup ldap-vx-010103-4.site5.example.com DNS entries: no such entry ipa: WARNING: You may need to manually remove them from the tree ipa: WARNING: Server has already been deleted
Deleted IPA server "ldap-vx-010103-4.site5.example.com"
[root@ldap-vx-010101-4 ~]# ipa server-del ldap-vx-010103-4.site5.example.com --force Removing ldap-vx-010103-4.site5.example.com from replication topology, please wait... ipa: WARNING: Forcing removal of ldap-vx-010103-4.site5.example.com ipa: WARNING: Failed to cleanup ldap-vx-010103-4.site5.example.com DNS entries: no such entry ipa: WARNING: You may need to manually remove them from the tree ipa: WARNING: Server has already been deleted
Deleted IPA server "ldap-vx-010103-4.site5.example.com"
Still I can see it in list
ldap-vx-010103-4.site5.example.com: replica last init status: Error (0) last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) No replication sessions started since server startup last update ended: 1970-01-01 00:00:00+00:00
On Thu, May 16, 2024 at 1:48 AM Florence Blanc-Renaud flo@redhat.com wrote:
Hi,
On Thu, May 16, 2024 at 4:05 AM Satish Patel via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
Folks,
I am trying to build some replicas and somehow they failed but because they are half baked they are stuck in master nodes and not letting me remove them. I have tried all the options and don't know how to get rid of them.
I want to remove ldap-vx-010103-1.site5.example.com and ldap-vx-010103-2.site5.example.com. I have removed them from topology and from host and hostgroup ipaservers list but no luck. I have totally shut down replicas nodes but still no luck. Are there any good ways to clean them up?
The commands "ipa server-del <hostname> --force" or "ipa-replica-manage del <hostname> --clean --force" should be able to remove references to those servers, even if they are shutdown. You need to run the command on a working server.
HTH, flo
[root@ldap-vx-010101-4 ~]# ipa-replica-manage list -v `hostname` ldap-vx-010101-1.site5.example.com: replica last init status: None last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2024-05-16 01:58:02+00:00 ldap-vx-010101-2.site5.example.com: replica last init status: None last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2024-05-16 01:58:02+00:00 ldap-vx-010101-3.site5.example.com: replica last init status: None last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2024-05-16 01:58:02+00:00 ldap-vx-010101-5.site5.example.com: replica last init status: None last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2024-05-16 01:58:02+00:00 ldap-vx-010103-1.site5.example.com: replica last init status: Error (0) last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (-1) Problem connecting to replica - LDAP error: Can't contact LDAP server (connection error) last update ended: 2024-05-11 10:30:33+00:00 ldap-vx-010103-2.site5.example.com: replica last init status: Error (0) Total update succeeded last init ended: 2024-05-10 20:35:02+00:00 last update status: Error (-1) Problem connecting to replica - LDAP error: Can't contact LDAP server (connection error) last update ended: 1970-01-01 00:00:00+00:00 ldap-vx-010103-3.site5.example.com: replica last init status: Error (0) Total update succeeded last init ended: 2024-05-10 21:14:53+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2024-05-16 01:58:02+00:00 -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue