[Freeipa-users] Deleting a down ipa master?
Nathan
lagern at lafayette.edu
Thu May 2 19:10:26 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/02/2013 02:48 PM, Rob Crittenden wrote:
> Nathan wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>>
>>
>> On 05/02/2013 01:56 PM, Rob Crittenden wrote:
>>> $ ldapsearch -LLL -x -b
>>> cn=oldmaster.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
>>>
>>>
dn
>>>
>>> Then carefully paste each dn, minus the dn:, in REVERSE order,
>>> to:
>>>
>>> $ ldapdelete -x -D 'cn=Directory Manager' -w cn=HTTP...
>>> cn=ldap...
>>>
>>> ^D to exit
>>
>> My ipa domain is "systems.lafayette.edu", so I had to work that
>> into your search string, but I think I have it.
>>
>> So, here's some output.
>>
>> [root at caroline0 PROD ~]# ldapsearch -LLL -x -b
>> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
>>
>>
>>
dn
>> dn:
>> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayett
>>
>>
>>
e,dc=edu
>>
>> So, from your ldapdelete example, would I.....
>>
>> $ ldapdelete -x -D 'cn=Directory Manager' -w
>> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
>>
>>
>>
^D
>
> Yup, use -W to prompt, or -w <password> to pass on cli.
>
> Note that this confirms that IPA doesn't think this server is
> actually providing any services.
>
> rob
>
This seems to have done the trick!
[root at caroline0 PROD ~]# ldapdelete -x -D 'cn=Directory Manager' -W
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
Enter LDAP Password:
[root at caroline0 PROD ~]# ldapsearch -LLL -x -b
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
dn
No such object (32)
Matched DN: cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
[root at caroline0 PROD ~]# ls
anaconda-ks.cfg ca-agent.p12 cacert.p12 cobbler.ks install.log
install.log.syslog ks-rhn-post.log RPM-GPG-KEY-lafayette
[root at caroline0 PROD ~]# ipa-replica-manage list
caroline0.lafayette.edu: master
caroline2.lafayette.edu: master
Thanks a bunch!
This is the second or third time you've helped me out of a bind, I owe
you a beer.
- --
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlGCuiIACgkQsZqG4IN3sul5VQCdHxqnYgV6WHHRQXG/RivTLcnN
F60AoKCoQAVXs99K0rcKhtkkefcAlQo4
=v07c
-----END PGP SIGNATURE-----
More information about the Freeipa-users
mailing list