[Freeipa-users] adding replication agreements

Rob Crittenden rcritten at redhat.com
Thu Oct 30 15:31:46 UTC 2014

Shashi Dahal wrote:
> Hi, 
> I have ipa master server: A
> and I have 2 ipa replicas: B and C 
> replica B crashed, so it was deleted from A and recreated using
> ipa-replica-parepare to generate the file and set it up from there. 
> in server A B and C, if I do ipa-replica-manage  list
> serverA lists  A B and C as master
> serverB lists  A B and C as master
> serverC lists only A and C as master .. B is missing. 
> trying the command ipa-replica-manage connect B  from serverC
>  gives: You cannot connect to a previously deleted master
> now how do I add trust relationship between C and B ? 

I changed the subject as this isn't trust, it's replication. I don't
want to be pedantic but there is a significant difference.

What I'd do, on each master, is this:

ipa-replica-manage list -v `hostname`

I think you'll find that C isn't getting updates. The masters list is
stored in LDAP so if C doesn't know that B exists it likely means that
its data is stale.


More information about the Freeipa-users mailing list