On Sun, 2012-03-25 at 15:55 +0200, Marco Pizzoli wrote: > Hi Martin, > > On Thu, Mar 22, 2012 at 11:50 AM, Martin Kosek <mko...@redhat.com> > wrote: > Hello Marco, > > judging from the output you sent, it looks like you had an > installed > replica on freeipa03, then stopped it with "ipactl" stop and > after that > tried to run ipa-replica-install again - krb5.conf > and /var/log/messages > you sent would support this theory. > > IPA replica agreement should be first removed with > "ipa-replica-manage > del <replica>" on freeipa01 and then uninstalled with > "ipa-server-install --uninstall" before you try to install it > again. > > > Thanks for your answer. > I tried what you suggested, but this is what I'm getting now: > > > [root@freeipa01 ~]# ipa-replica-manage -v list > freeipa01.unix.mydomain.it: master > freeipa03.unix.mydomain.it: master > [root@freeipa01 ~]# ipa-replica-manage -v del > freeipa03.unix.mydomain.it > Unable to delete replica freeipa03.unix.mydomain.it: {'desc': "Can't > contact LDAP server"} > [root@freeipa01 ~]# ps -ef|grep slap > dirsrv 1149 1 0 15:30 ? 00:00:01 /usr/sbin/ns-slapd > -D /etc/dirsrv/slapd-UNIX-MYDOMAIN-IT > -i /var/run/dirsrv/slapd-UNIX-MYDOMAIN-IT.pid > -w /var/run/dirsrv/slapd-UNIX-MYDOMAIN-IT.startpid > pkisrv 1150 1 0 15:30 ? 00:00:00 /usr/sbin/ns-slapd > -D /etc/dirsrv/slapd-PKI-IPA -i /var/run/dirsrv/slapd-PKI-IPA.pid > -w /var/run/dirsrv/slapd-PKI-IPA.startpid > > > After little investigation (should worth a more descriptive output? > ^_^) I found the LDAP server being asked was the freeipa03 one. > Yes, it was not running at the moment I executed the command. > > > I went to freeipa03 and tried to "systemctl start dirsrv.target". > This is what I have in my /var/log/messages log: > > > Mar 25 15:48:50 freeipa03 systemd[1]: Failed to load environment > files: No such file or directory > Mar 25 15:48:50 freeipa03 systemd[1]: dirsrv@UNIX-MYDOMAIN-IT.service > failed to run 'start' task: No such file or directory > Mar 25 15:48:50 freeipa03 systemd[1]: Unit > dirsrv@UNIX-MYDOMAIN-IT.service entered failed state. > > > My dirsrv access and error log files are currently not populated. > > > How can I exit from the tunnel? :-) > > > Thanks in advance again > Marco >
Hello Marco, if you want to correctly set up a 2-master configuration, you need to at first properly remove replica agreements between freeipa01 and freeipa03 (which are visible in your "ipa-replica-manage list") and then install the replica on freeipa03: # force is needed as freeipa03 is not running [root@freeipa01 ~]# ipa-replica-manage -v del freeipa03.unix.mydomain.it --force # to get a new fresh replica info file: [root@freeipa01 ~]# ipa-replica-prepare freeipa03.unix.mydomain.it # on freeipa03: [root@freeipa03 ~]# ipa-replica-install <new-replica-info-file> Does this help? Martin _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users