Hi folks, I have almost completed the FreeIPA migration from CentOS7 to Rocky8 (FreeIPA 4.9.11). Domain replications seems to be fine, but I get a replication error for ca:
[root@ipa2 ~]# ipa-csreplica-manage -v list ipaca8.example.com Directory Manager password: ipa2.example.com last init status: Error (0) Total update succeeded last init ended: 2023-07-08 14:35:09+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2023-07-08 16:20:37+00:00 ipabak.ac.example.com last init status: Error (0) Total update succeeded last init ended: 2023-07-08 16:06:05+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2023-07-08 16:20:37+00:00 ipa0.example.com last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2023-07-08 16:20:37+00:00 [root@ipa2 ~]# ipa-csreplica-manage -v list ipa2.example.com Directory Manager password: ipaca8.example.com last update status: Error (11) Replication error acquiring replica: Unable to acquire replica: the replica has the same Replica ID as this one. Replication is aborting. (duplicate replica ID detected) last update ended: 2023-07-08 15:03:47+00:00 ipa1.example.com last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2023-07-08 16:20:40+00:00 Obviously replication between ipaca8 (the CA) amd ipa2 is bad. Here is the topology for ca: [root@ipa2 ~]# ipa topologysegment-find ca | sed s/aixigo.de/example.com/g ------------------ 5 segments matched ------------------ Segment name: ipa0.example.com-to-ipa1.example.com Left node: ipa0.example.com Right node: ipa1.example.com Connectivity: both Segment name: ipa0.example.com-to-ipaca8.example.com Left node: ipa0.example.com Right node: ipaca8.example.com Connectivity: both Segment name: ipa1.example.com-to-ipa2.example.com Left node: ipa1.example.com Right node: ipa2.example.com Connectivity: both Segment name: ipa2.example.com-to-ipaca8.example.com Left node: ipa2.example.com Right node: ipaca8.example.com Connectivity: both Segment name: ipabak.ac.example.com-to-ipaca8.example.com Left node: ipabak.ac.example.com Right node: ipaca8.example.com Connectivity: both ---------------------------- Number of entries returned 5 ---------------------------- Every helpful hint is highly appreciated Harri _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
