Thanks for your help,And this server is one of the servers listed on server2 and not on the server1 .My doubt is this. Why i have differences on the two web interfaces. Another error i have in the structure is this :No problems with the sincronization.When i run the command :Hello Rob,The strange thing i have here is. The server2 has all of my servers listed on the web interface but the server1 not have all of this servers.
# ipa-replica-manage list -v server2.domain
server1.domain: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental update succeeded
last update ended: 2017-06-27 14:57:34+00:00
# ipa-replica-manage list -v server1.domain
server2.domain: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental update succeeded
last update ended: 2017-06-27 14:57:41+00:00
# ssh app01
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
f5:21:f0:0c:b7:4b:cf:c4:f2:8f:9c:8a:75:d3:55:5c.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending RSA key in /var/lib/sss/pubconf/known_hosts:4
RSA host key for app01 has changed and you have requested strict checking.
Host key verification failed.On Tue, Jun 27, 2017 at 11:47 AM Rob Crittenden <rcritten@redhat.com> wrote:Ataliba Teixeira via FreeIPA-users wrote:
> Hello,
>
> reading some docs about the sync of my two servers :
>
> # ipa-replica-manage list
> server1.domain: master
> server2.domain: master
>
>
> # ipa-replica-manage list-ruv
> Directory Manager password:
>
> Replica Update Vectors:
> server2.domain:389: 7
> server1.domain:389: 4
> Certificate Server Replica Update Vectors:
> No CS-RUVs found.
>
>
> My doubt is . To solve this i only need to run the command :
>
> ipa-replica-manage force-sync --from srv2.domain
I'm not sure what problem you are trying to solve. The above doesn't
show any issues.
To see replication status you need to run ipa-replica-manage list twice
like:
ipa-replica-manage list -v server1.domain
ipa-replica-manage list -v server2.domain
This will show the agreement status from both sides.
rob
--Ataliba Teixeira via Inbox by Gmail
Ataliba Teixeira via Inbox by Gmail