[Freeipa-users] Delete AD replica failure
Sigbjorn Lie
sigbjorn at nixtra.com
Mon Mar 21 22:04:59 UTC 2011
On 03/21/2011 02:31 PM, Simo Sorce wrote:
> On Sun, 20 Mar 2011 18:28:12 +0100
> Sigbjorn Lie<sigbjorn at nixtra.com> wrote:
>
>> Hi,
>>
>> I just did a fresh installation of FreeIPA 2 on a host called ipa1,
>> created a replica on a second server called ipa2. I then created a
>> winsync replica to an AD domain on the ipa1 host.
>>
>> I noticed that I forgot the --win-subtree option and decided to
>> delete the replication agreement:
>>
>> # ipa-replica-manage -H ipa1.ix.nowhere.com del dc01.ad.nowhere.com
>> Directory Manager password:
>> Unable to delete replica dc01.ad.nowhere.com: {'desc': "Can't contact
>> LDAP server"}
> This is not the correct command to use.
>
>> If I did a force a got a bit more output, where it complains about
>> the ipa2 replica server not having a sync agreement with the dc01
>> server.
>>
>> # ipa-replica-manage -v -f -H ipa1.ix.nowhere.com del
>> dc01.ad.nowhere.com Directory Manager password:
>> Unable to connect to replica dc01.ad.nowhere.com, forcing removal
>> Forcing removal on 'dc01.ad.nowhere.com'
>> 'ipa2.ix.nowhere.com' has no replication agreement for
>> 'dc01.ad.nowhere.com'
>>
>>
>> Is this intended behavior or a bug?
> Intended, to remove the AD replication link you need to 'disconnect'
> the AD server.
>
> Use:
> ipa-replica-manage disconnect dc01.ad.nowhere.com
Ah, thank you. :)
More information about the Freeipa-users
mailing list