Hi,
can you provide the logs of the replica installation
(/var/log/ipareplica-install.log and /var/log/pki/pki-ca-spawn.$date.log) ?
In the logs you can find which server was used to initialize the data (look
for a line with ipa-replica-conncheck), the logs from this server may also
be useful (/va
Hi,
is the topology at domain level 1 or domain level 0?
# kinit admin
# ipa domainlevel-get
If the level is 1, the right command in order to remove a replica + ignore
topology disconnect issues is
# kinit admin
# ipa server-del --ignore-topology-disconnect
The error "not allowed on non-leaf en
Hi guys.
Two masters from which third got disconnected in a "dirty"
manner.
-> $ ipa-replica-manage del midway.ccn.priv.dom
Server removal aborted:
Replication topology in suffix 'domain' is disconnected:
Topology does not allow server love.ccn.priv.dom to
replicate with servers:
midway
Hey there
Using freeipa on centos (ipa-server-4.6.8-5.el7.centos.6.x86_64) we fail to add
an additional replica, but only when enabling CA services (option "--setup-ca").
We use the following command to stage a new replica (and have in the past):
> ipa-replica-install --principal admin --admin-p
Hi,
Please have a look at dirsrv's logs for replication issues when you
add an entry.
François
On Mon, Jul 5, 2021 at 9:31 AM Kees Bakker via FreeIPA-users
wrote:
>
> Hi Flo,
>
> Do you perhaps have another hint what I can check?
>
> On 01-07-2021 21:44, Kees Bakker via FreeIPA-users wrote:
>
>
Hi Flo,
Do you perhaps have another hint what I can check?
On 01-07-2021 21:44, Kees Bakker via FreeIPA-users wrote:
Hi Flo,
No there are none.
All three servers report:
search: 2
result: 0 Success
On 01-07-2021 21:01, Florence Renaud wrote:
Hi Kees,
can you also check if there are replicat
