Pure genius.  FQDN on ipa commands.....  Unless I read the documentation 
cover-to-cover before starting anything I would never have found this.  Thanks.

-Steven Auerbach

-----Original Message-----
From: François Cami <fc...@redhat.com> 
Sent: Tuesday, August 6, 2019 9:28 AM
To: FreeIPA users list <freeipa-users@lists.fedorahosted.org>
Cc: Rob Crittenden <rcrit...@redhat.com>; Auerbach, Steven 
<steven.auerb...@flbog.edu>
Subject: Re: [Freeipa-users] Re: Replacing IPA v3.0.0-51 on OEL6 with IPA 
v4.6.4-10 on OEL7: Making the newest replica the master

On Tue, Aug 6, 2019 at 2:59 PM Auerbach, Steven via FreeIPA-users 
<freeipa-users@lists.fedorahosted.org> wrote:
>
> When I add the --no-lookup option on the v4.6.4 ipa server I get the same 
> results I received on the v3.0.0 server:
> " Cannot find ipa<#> in public server list"

Are you using the FQDN of your IPA servers?
The ipa-replica-manage command will not find IPA servers by their shortnames 
(and that's expected).


> If I cannot even verify these servers in the group, how am I supposed to test 
> the integrity of current inter-version replication?  And how will I ever 
> migrate the whole directory and all the inter-related services of IPA to two 
> new servers of version 4.6.4?  The functions do not appear to work as 
> documented,  and my trust that the command operations will behave as 
> documented is really shaken.
>
> Is my best option to build a new IPA server pair in version 4.6.4 and 
> de-enroll all the clients and users from the older v3.0.0 IPA and then enroll 
> them into the v4.6.4 IPA?
>
> -----Original Message-----
> From: Rob Crittenden <rcrit...@redhat.com>
> Sent: Monday, August 5, 2019 5:16 PM
> To: FreeIPA users list <freeipa-users@lists.fedorahosted.org>
> Cc: Auerbach, Steven <steven.auerb...@flbog.edu>
> Subject: Re: [Freeipa-users] Re: Replacing IPA v3.0.0-51 on OEL6 with 
> IPA v4.6.4-10 on OEL7: Making the newest replica the master
>
> Auerbach, Steven via FreeIPA-users wrote:
> > From the master-master original IPA v3.0.0 server - <ipa1> - I ran and 
> > received the following responses:
> >       NOTE:   using aliases within arrow points for ambiguation.
> >
> > [<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa1>'
> > [sudo] password for <user>:
> > Cannot find <ipa1> in public server list
> >
> > [<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa2>'
> > Directory Manager password:
> >
> > Cannot find <ipa2> in public server list
> >
> > [<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa3>'
> > Directory Manager password:
> >
> > Cannot find <ipa3> in public server list
>
> It is looking for the list of masters in 
> cn=masters,cn=ipa,cn=etc,dc=example,dc=com. I'd search that to see what is 
> there.
>
> A plain ipa-replica-manage list will list all masters and IIRC they do show.
>
> > From the replica-master server recently made with IPA v4.6.5  - <ipa3> - I 
> > ran and received the following responses:
> >       NOTE:   using aliases within arrow points for ambiguation.
> >
> > [<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa1>'
> > [sudo] password for <user>:
> > Unknown host <ipa1>: Host '<ipa1>' does not have corresponding DNS 
> > A/AAAA record
> >
> > [<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa2>'
> > Directory Manager password:
> >
> > Unknown host ipa-r02: Host 'ipa-r02' does not have corresponding DNS 
> > A/AAAA record
> >
> > [<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa3>'
> > Directory Manager password:
> >
> > Unknown host ipa03: Host 'ipa03' does not have corresponding DNS 
> > A/AAAA record
>
> Try adding --no-lookup to the command to skip the lookup.
>
> rob
>
> >
> >
> >
> > Steven Auerbach
> > Assistant Director of Information Systems Information Technology & 
> > Security State University System of Florida Board of Governors
> > 325 W. Gaines Street, Suite 1625
> > Tallahassee, Florida 32399
> > (850) 245-9592
> > steven.auerb...@flbog.edu
> >
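
Added example, not part of the thread and not FreeIPA code: a small shell helper that takes LDIF from a search under the `cn=masters,cn=ipa,cn=etc,dc=example,dc=com` container Rob mentions and maps a name as typed (short or full) to the FQDN that `ipa-replica-manage list -v` expects. The function names and the sample hostnames are assumptions made up for illustration.

```shell
#!/bin/sh
# Constructed LDIF, shaped like a search under the masters container named in
# the thread. Hostnames are made up; line folding and base64 DNs are not handled.
SAMPLE_LDIF='dn: cn=masters,cn=ipa,cn=etc,dc=example,dc=com

dn: cn=ipa1.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com

dn: cn=CA,cn=ipa1.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com

dn: cn=ipa3.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com

dn: cn=ipa3.lab.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
'

# list_masters (hypothetical helper): LDIF on stdin -> one lowercase FQDN per
# direct child of cn=masters. Service entries below a master are skipped.
list_masters() {
    tr '[:upper:]' '[:lower:]' |
        sed -n 's/^dn: cn=\([^,]*\),cn=masters,cn=ipa,cn=etc,.*$/\1/p' | sort -u
}

# master_fqdn (hypothetical helper): map a name as typed (short or FQDN) to the
# FQDN to hand to ipa-replica-manage. Returns 0 found, 1 unknown, 2 ambiguous.
master_fqdn() {
    name=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    masters=$(list_masters)
    if printf '%s\n' "$masters" | grep -Fxq -- "$name"; then
        printf '%s\n' "$name"
        return 0
    fi
    # Not an exact FQDN: compare against the first DNS label of each master.
    hits=$(printf '%s\n' "$masters" | awk -F. -v n="$name" '$1 == n')
    count=$(printf '%s\n' "$masters" | awk -F. -v n="$name" '$1 == n {c++} END {print c+0}')
    case $count in
        1) printf '%s\n' "$hits"; return 0 ;;
        0) echo "no master named '$name'" >&2; return 1 ;;
        *) echo "'$name' is ambiguous:" $hits >&2; return 2 ;;
    esac
}

# Demo when called with an argument: sh script.sh ipa1
if [ "$#" -gt 0 ]; then
    printf '%s' "$SAMPLE_LDIF" | master_fqdn "$1"
fi
```

A short name that matches more than one master (here `ipa3`) is reported as ambiguous rather than guessed, so the operator picks the FQDN explicitly.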