[Freeipa-users] Delete AD replica failure
Sigbjorn Lie
sigbjorn at nixtra.com
Sun Mar 20 17:28:12 UTC 2011
Hi,
I just did a fresh installation of FreeIPA 2 on a host called ipa1,
created a replica on a second server called ipa2. I then created a
winsync replica to an AD domain on the ipa1 host.
I noticed that I forgot the --win-subtree option and decided to delete
the replication agreement:
# ipa-replica-manage -H ipa1.ix.nowhere.com del dc01.ad.nowhere.com
Directory Manager password:
Unable to delete replica dc01.ad.nowhere.com: {'desc': "Can't contact
LDAP server"}
If I did a force a got a bit more output, where it complains about the
ipa2 replica server not having a sync agreement with the dc01 server.
# ipa-replica-manage -v -f -H ipa1.ix.nowhere.com del dc01.ad.nowhere.com
Directory Manager password:
Unable to connect to replica dc01.ad.nowhere.com, forcing removal
Forcing removal on 'dc01.ad.nowhere.com'
'ipa2.ix.nowhere.com' has no replication agreement for 'dc01.ad.nowhere.com'
Is this intended behavior or a bug?
After re-creating the sync agreement with the win-subtree option, IPA
synced with AD successfully.
Rgds,
Siggi
More information about the Freeipa-users
mailing list