[Freeipa-devel] misleading error message?
Martin Basti
mbasti at redhat.com
Wed Nov 4 10:37:39 UTC 2015
On 04.11.2015 11:25, Oleg Fayans wrote:
> Hi all,
>
> Is there a way to switch back to the old (based on
> ipa-replica-prepare) replica installation workflow having domain level=1?
>
> The following error message suggests that it is possible:
>
> $ ipa-replica-install --setup-ca --setup-dns --forwarder=10.38.5.26 -P
> testuser
> Password for testuser at IDM.LAB.ENG.BRQ.REDHAT.COM:
> ipa : ERROR The Replication Managers group is not available
> in the domain. Replica promotion requires the use of Replication
> Managers to be able to replicate data. Upgrade the peer master or use
> the ipa-replica-prepare command on the master and use a prep file to
> install this replica.
> ipa.ipapython.install.cli.install_tool(Replica): ERROR The
> ipa-replica-install command failed. See
> /var/log/ipareplica-install.log for more information
>
> It it is not possible (and it is not, AFAIU) we should probably remove
> the ipa-replica-prepare part from this error message.
>
> The second issue with this error message is that adding an
> unprivileged user just to admins group fixes the promotion, i. e. no
> neeed in any special "Replication Managers" group. Thus the message is
> totally misleading.
>
https://fedorahosted.org/freeipa/ticket/5400
https://fedorahosted.org/freeipa/ticket/5399
https://fedorahosted.org/freeipa/ticket/5401
More information about the Freeipa-devel
mailing list