[Freeipa-users] Error during ipa-replica-install

Martin Kosek mkosek at redhat.com
Mon Mar 26 06:43:23 UTC 2012 

On Sun, 2012-03-25 at 15:55 +0200, Marco Pizzoli wrote:
> Hi Martin,
> 
> On Thu, Mar 22, 2012 at 11:50 AM, Martin Kosek <mkosek at redhat.com>
> wrote:
>         Hello Marco,
>         
>         judging from the output you sent, it looks like you had an
>         installed
>         replica on freeipa03, then stopped it with "ipactl" stop and
>         after that
>         tried to run ipa-replica-install again - krb5.conf
>         and /var/log/messages
>         you sent would support this theory.
>         
>         IPA replica agreement should be first removed with
>         "ipa-replica-manage
>         del <replica>" on freeipa01 and then uninstalled with
>         "ipa-server-install --uninstall" before you try to install it
>         again.
> 
> 
> Thanks for your answer.
> I tried what you suggested, but this is what I'm getting now:
> 
> 
> [root at freeipa01 ~]# ipa-replica-manage -v list
> freeipa01.unix.mydomain.it: master
> freeipa03.unix.mydomain.it: master
> [root at freeipa01 ~]# ipa-replica-manage -v del
> freeipa03.unix.mydomain.it
> Unable to delete replica freeipa03.unix.mydomain.it: {'desc': "Can't
> contact LDAP server"}
> [root at freeipa01 ~]# ps -ef|grep slap
> dirsrv    1149     1  0 15:30 ?        00:00:01 /usr/sbin/ns-slapd
> -D /etc/dirsrv/slapd-UNIX-MYDOMAIN-IT
> -i /var/run/dirsrv/slapd-UNIX-MYDOMAIN-IT.pid
> -w /var/run/dirsrv/slapd-UNIX-MYDOMAIN-IT.startpid
> pkisrv    1150     1  0 15:30 ?        00:00:00 /usr/sbin/ns-slapd
> -D /etc/dirsrv/slapd-PKI-IPA -i /var/run/dirsrv/slapd-PKI-IPA.pid
> -w /var/run/dirsrv/slapd-PKI-IPA.startpid
> 
> 
> After little investigation (should worth a more descriptive output?
> ^_^) I found the LDAP server being asked was the freeipa03 one.
> Yes, it was not running at the moment I executed the command.
> 
> 
> I went to freeipa03 and tried to "systemctl start dirsrv.target".
> This is what I have in my /var/log/messages log:
> 
> 
> Mar 25 15:48:50 freeipa03 systemd[1]: Failed to load environment
> files: No such file or directory
> Mar 25 15:48:50 freeipa03 systemd[1]: dirsrv at UNIX-MYDOMAIN-IT.service
> failed to run 'start' task: No such file or directory
> Mar 25 15:48:50 freeipa03 systemd[1]: Unit
> dirsrv at UNIX-MYDOMAIN-IT.service entered failed state.
> 
> 
> My dirsrv access and error log files are currently not populated.
> 
> 
> How can I exit from the tunnel? :-)
> 
> 
> Thanks in advance again
> Marco
>  

Hello Marco,

if you want to correctly set up a 2-master configuration, you need to at
first properly remove replica agreements between freeipa01 and freeipa03
(which are visible in your "ipa-replica-manage list") and then install
the replica on freeipa03:

# force is needed as freeipa03 is not running
[root at freeipa01 ~]# ipa-replica-manage -v del freeipa03.unix.mydomain.it
--force
# to get a new fresh replica info file:
[root at freeipa01 ~]# ipa-replica-prepare freeipa03.unix.mydomain.it

# on freeipa03:
[root at freeipa03 ~]# ipa-replica-install <new-replica-info-file>

Does this help?
Martin

More information about the Freeipa-users mailing list