[Freeipa-users] error trying to re-setup ipa replica
Shashi Dahal
shashi.dahal at spilgames.com
Wed Oct 1 14:20:40 UTC 2014
Hi,
This is what I have.
ipa01 - master
ipa02 - replica
ipa03 - replica
ipa02 crashed, and re-setup
I used the gpg file from master and trying to re-create the replica:
ipa-replica-install ipa02.gpg
gives:
The host ipa02.local.zone already exists on the master server.
You should remove it before proceeding:
% ipa host-del ipa02.local.zone
I login to the master server and if I do ipa-replica-manage list , it shows: ipa02.local.zone: master
Trying to delete it with ipa host-del ipa02.local.zone fails saying:
ipa: ERROR: invalid 'hostname': An IPA master host cannot be deleted or disabled
ipa-replica-manage del ipa02.local.zone fails saying:
'ipa01.local.zone' has no replication agreement for 'ipa02.local.zone'
I searched the mailing list and it was suggested that I should do a ldapsearch and ldapdelete.
here is the search:
ldapsearch -LLL -x -b cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01
dn: cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01
objectClass: top
objectClass: nsContainer
cn: ipa02.local.zone
dn: cn=KDC,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01
objectClass: nsContainer
objectClass: ipaConfigObject
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 10
cn: KDC
dn: cn=KPASSWD,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=sp
il
objectClass: nsContainer
objectClass: ipaConfigObject
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 20
cn: KPASSWD
dn: cn=MEMCACHE,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=s
pil
objectClass: nsContainer
objectClass: ipaConfigObject
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 39
cn: MEMCACHE
dn: cn=HTTP,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01
objectClass: nsContainer
objectClass: ipaConfigObject
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 40
cn: HTTP
dn: cn=DNS,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01
objectClass: nsContainer
objectClass: ipaConfigObject
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 30
cn: DNS
I tried delete, but I get:
ldapdelete -x -D 'cn=KDC,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01'
ldap_bind: Server is unwilling to perform (53)
additional info: Unauthenticated binds are not allowed
I have located that there is -W
ldapdelete -x -D 'cn=KDC,cn=ipa02.local.zone,cn=masters,cn=ipa,cn=etc,dc=ipa,dc=dc01' -W
it askes for LDAP Password:
Entering the password gives: ldap_bind: Inappropriate authentication (48)
Can anyone who faced similar issues help me on how do I fix it ?
Cheers,
Shashi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141001/f542d14f/attachment.htm>
More information about the Freeipa-users
mailing list