[Freeipa-users] Replication problems with having more than one replica?

[Steven Jones]

steps 

==============
1) Fresh replica key 
2) attempt to join with the ipa-manage-replica key command this fails 
3) Check the 2nd servers dirsrv is running (service dirsrv status), if not start it with service dirsrv start 
4) run ipa-replica-manage force-sync -from ipa1 on ipa2 
5) Check the 2nd servers dirsrv is still running 
6) On Ipa1 (the master) run ipa-replica-manage del ipam002 
7) run ipa-server-install --uninstall on ipam002 
8) run ipa-server-install and this seems to succeed 

So far 1 to 2 and 2 to 1 replication is running HOWEVER replication on 2 to 3 does NOT work.....1 to 3 does and 3 to 1 does. I tried running ipa-replica-manage force-sync --from ipam1 but this wont sync, yet it used to.....
==============

So when adding 2 back in replication 1 to 3 breaks.....so I tried removing 3 and re-adding and that failed.....I get a GSSAPI error....

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: Rob Crittenden [rcritten at redhat.com]
Sent: Thursday, 14 June 2012 9:54 a.m.
To: Steven Jones
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] Replication problems with having more than one replica?

Steven Jones wrote:
> Hi,
>
> Has anyone seen replication issues when you have more than one replica?
>
> If I have ipa1 as the master and 2 as the replica I am OK, if I add ipa3 as a second replica 1 to 3 works both ways, and 2 to 1 works but not 1 to 2....
>
> I removed and re-added 2 and find that 3 now no longer works....
>

We need details. What doesn't work? How did you remove and re-add 2? Are
any errors logged when this happens?

rob