[Freeipa-users] Deleting a down ipa master?

Nathan lagern at lafayette.edu
Thu May 2 17:30:51 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 05/02/2013 01:07 PM, Rob Crittenden wrote:
> Nathan wrote: ipa-replica-manage does not seem to have a --cleanup
> option...  Can you give me more detail about how it's used?
> 
>> --cleanup was introduced in FreeIPA 3.0.
> 
>> It sounds like you just have a masters entry left over in 
>> cn=masters,cn=ipa,cn=etc,dc=example,dc=com. If that is the case
>> then you can simply remove those entries.
> 
>> You should also check out CLEANRUV at 
>> http://directory.fedoraproject.org/wiki/Howto:CLEANRUV (skip past
>> the CLEANALLRUV part, it probably isn't available if you are
>> still using IPA 2.2).
> 
root at caroline2 PROD ~]# rpm -qa ipa-server
ipa-server-2.2.0-17.el6_3.1.x86_64


This is on RHEL 6.3.

Thanks!  I'll look into the doc you mentioned.

How easy is it to check for, and remove the ldap entry you mentioned?
I'm not an ldap admin, but I have some at my disposal if needed.

Thanks!


>> rob
> 
> 
> 
> 
> On 05/02/2013 12:07 PM, Petr Viktorin wrote:
>>>> On 05/02/2013 05:21 PM, Nathan wrote:
>>>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>>>> 
>>>>> List still shows caroline1.
>>>>> 
>>>>> [root at caroline2 PROD ~]# ipa-replica-manage list 
>>>>> caroline0.lafayette.edu: master caroline2.lafayette.edu:
>>>>> master caroline1.lafayette.edu: master
>>>>> 
>>>>> 
>>>>> - -v does not seem to change the output at all. I even
>>>>> tried moving the - -v around in the command line, to see if
>>>>> placement mattered.
>>>>> 
>>>>> [root at caroline2 PROD ~]# ipa-replica-manage -v  del
>>>>> --force caroline1.lafayette.edu 'caroline2.lafayette.edu'
>>>>> has no replication agreement for 'caroline1.lafayette.edu' 
>>>>> [root at caroline2 PROD ~]# ipa-replica-manage del -v --force 
>>>>> caroline1.lafayette.edu 'caroline2.lafayette.edu' has no 
>>>>> replication agreement for 'caroline1.lafayette.edu' 
>>>>> [root at caroline2 PROD ~]# ipa-replica-manage del --force -v 
>>>>> caroline1.lafayette.edu 'caroline2.lafayette.edu' has no 
>>>>> replication agreement for 'caroline1.lafayette.edu' 
>>>>> [root at caroline2 PROD ~]# ipa-replica-manage list 
>>>>> caroline0.lafayette.edu: master caroline2.lafayette.edu:
>>>>> master caroline1.lafayette.edu: master
>>>>> 
>>>>> 
>>>>> Is --cleanup destructive?  Is there some reason that it
>>>>> should not try it?
>>>> 
>>>> Looking at the code, it only cleans up the Kerberos info and
>>>> host entry, not DNS records or RUV.
>>>> 
> 
>> 
>> _______________________________________________ Freeipa-users
>> mailing list Freeipa-users at redhat.com 
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> 
> 

- -- 
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlGCossACgkQsZqG4IN3sunlrwCfVQy+yNXmf7HzBCFGn4drUJia
lHcAn0XdEKth/TGZOLmqTe9SNvxLDwch
=5I0n
-----END PGP SIGNATURE-----

More information about the Freeipa-users mailing list