# ipa-replica-manage list `hostname` ipa2.example.net: replica ipa3.example.net: replica ipa4.example.net: replica
ipa2.example.net should not be there. How do I remove it? On 6 April 2016 at 18:55, Rob Crittenden <rcrit...@redhat.com> wrote: > Prashant Bapat wrote: > >> Hi, >> >> We had 4 IPA servers in master master mode with all of them connected to >> each other. >> >> IPA1 <----> IPA2 (colo 1) >> IPA3 <----> IPA4 (colo 2) >> >> One of the replica servers (IPA2) had to be rebuild. >> >> So I went ahead and used below commands. >> >> ipa-replica-manage disconnect IPA2 IPA3 >> ipa-replica-manage disconnection IPA2 IPA4 >> ipa-replica-manage del IPA2 (to remove it on IPA1). >> >> An then ran ipa-server-install --uninstallon IPA2. >> >> Created the replica info file using ipa-replica-prepare IPA2. >> >> When I tried to run ipa-replica-install on IPA2, it says >> >> A replication agreement for this host already exists. It needs to be >> removed. >> Run this on the master that generated the info file: >> % ipa-replica-manage del ipa2.example.net <http://ipa2.example.net> >> --force >> >> Now on IPA1, no matter what I do it still has references to IPA2. >> >> So far I have tried the following. >> >> 1. ipa-replica-manage del --force IPA2 >> 2. ipa-replica-manage del --force --cleanruv IPA2 >> 3. /usr/sbin/cleanallruv.pl <http://cleanallruv.pl> -D "cn=directory >> manager" -w - -b "dc=example,dc=net" -r 6 >> >> >> Got the rid = 6 by running >> ldapsearch -Y GSSAPI -b "dc=example,dc=net" >> >> '(&(nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff)(objectclass=nstombstone))' >> nsds50ruv >> >> In the directory server logs, I guess its still trying to connect to >> IPA2 and failing. Below are some lines. >> >> [06/Apr/2016:10:18:09 +0000] NSMMReplicationPlugin - >> agmt="cn=meToipa2.example.net <http://meToipa2.example.net>" (ipa2:389): >> Replication bind with GSSAPI auth failed: LDAP error -1 (Can't contact >> LDAP server) () >> [06/Apr/2016:10:18:09 +0000] NSMMReplicationPlugin - CleanAllRUV Task >> (rid 6): Replica not online (agmt="cn=meToipa2.example.net >> <http://meToipa2.example.net>" (ipa2:389)) >> [06/Apr/2016:10:18:09 +0000] NSMMReplicationPlugin - CleanAllRUV Task >> (rid 6): Not all replicas online, retrying in 2560 seconds... >> >> Any pointers would be helpful. >> > > On ipa1 run: > > % ipa-replica-manage list -v `hostname` > > This will give the list of actual agreements and their status. > > rob > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project