[Freeipa-users] Deleting a down ipa master?

Nathan lagern at lafayette.edu
Thu May 2 19:10:26 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 05/02/2013 02:48 PM, Rob Crittenden wrote:
> Nathan wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> 
>> 
>> 
>> On 05/02/2013 01:56 PM, Rob Crittenden wrote:
>>> $ ldapsearch -LLL -x -b 
>>> cn=oldmaster.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
>>>
>>> 
dn
>>> 
>>> Then carefully paste each dn, minus the dn:, in REVERSE order,
>>> to:
>>> 
>>> $ ldapdelete -x -D 'cn=Directory Manager' -w cn=HTTP...
>>> cn=ldap...
>>> 
>>> ^D to exit
>> 
>> My ipa domain is "systems.lafayette.edu", so I had to work that
>> into your search string, but I think I have it.
>> 
>> So, here's some output.
>> 
>> [root at caroline0 PROD ~]# ldapsearch -LLL -x -b 
>> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
>>
>>
>> 
dn
>> dn: 
>> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayett
>>
>>
>> 
e,dc=edu
>> 
>> So, from your ldapdelete example, would I.....
>> 
>> $ ldapdelete -x -D 'cn=Directory Manager' -w 
>> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
>>
>>
>> 
^D
> 
> Yup, use -W to prompt, or -w <password> to pass on cli.
> 
> Note that this confirms that IPA doesn't think this server is
> actually providing any services.
> 
> rob
> 

This seems to have done the trick!

[root at caroline0 PROD ~]# ldapdelete -x -D 'cn=Directory Manager' -W
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu

Enter LDAP Password:
[root at caroline0 PROD ~]# ldapsearch -LLL -x -b
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
dn
No such object (32)
Matched DN: cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
[root at caroline0 PROD ~]# ls
anaconda-ks.cfg  ca-agent.p12  cacert.p12  cobbler.ks  install.log
install.log.syslog  ks-rhn-post.log  RPM-GPG-KEY-lafayette
[root at caroline0 PROD ~]# ipa-replica-manage list
caroline0.lafayette.edu: master
caroline2.lafayette.edu: master


Thanks a bunch!


This is the second or third time you've helped me out of a bind, I owe
you a beer.

- -- 
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlGCuiIACgkQsZqG4IN3sul5VQCdHxqnYgV6WHHRQXG/RivTLcnN
F60AoKCoQAVXs99K0rcKhtkkefcAlQo4
=v07c
-----END PGP SIGNATURE-----

More information about the Freeipa-users mailing list