[Freeipa-devel] misleading error message?
Oleg Fayans
ofayans at redhat.com
Wed Nov 4 10:25:47 UTC 2015
Hi all,
Is there a way to switch back to the old (based on ipa-replica-prepare)
replica installation workflow having domain level=1?
The following error message suggests that it is possible:
$ ipa-replica-install --setup-ca --setup-dns --forwarder=10.38.5.26 -P
testuser
Password for testuser at IDM.LAB.ENG.BRQ.REDHAT.COM:
ipa : ERROR The Replication Managers group is not available
in the domain. Replica promotion requires the use of Replication
Managers to be able to replicate data. Upgrade the peer master or use
the ipa-replica-prepare command on the master and use a prep file to
install this replica.
ipa.ipapython.install.cli.install_tool(Replica): ERROR The
ipa-replica-install command failed. See /var/log/ipareplica-install.log
for more information
It it is not possible (and it is not, AFAIU) we should probably remove
the ipa-replica-prepare part from this error message.
The second issue with this error message is that adding an unprivileged
user just to admins group fixes the promotion, i. e. no neeed in any
special "Replication Managers" group. Thus the message is totally
misleading.
--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.
More information about the Freeipa-devel
mailing list