[Freeipa-users] Replication stopped working

Guillermo Fuentes guillermo.fuentes at modernizingmedicine.com
Thu Sep 4 15:11:28 UTC 2014 

Hello list,

We’re running FreeIPA with a master and 3 replicas. The replication
stopped working and currently we’re adding resources only to the
master. This is the environment we have:
m1:
  OS: CentOS release 6.5
  FreeIPA: 3.0.0-37
  CA: pki-ca-9.0.3


# ipa-replica-manage list -v `hostname`
m2.example.com: replica
  last init status: None
  last init ended: None
  last update status: 49  - LDAP error: Invalid credentials
  last update ended: None
m3.example.com: replica
  last init status: None
  last init ended: None
  last update status: 0 Replica acquired successfully: Incremental
update succeeded
  last update ended: 2014-09-04 14:28:44+00:00
m4.example.com: replica
  last init status: None
  last init ended: None
  last update status: -2  - LDAP error: Local error
  last update ended: None

m2:
  OS: CentOS release 6.5
  FreeIPA: 3.0.0-37

# ipa-replica-manage list -v `hostname`
m1.example.com: replica
  last init status: None
  last init ended: None
  last update status: -1 Incremental update has failed and requires
administrator actionLDAP error: Can't contact LDAP server
  last update ended: 2014-09-03 22:53:21+00:00

m3:
  OS: CentOS release 6.5
  FreeIPA: 3.0.0-37

# ipa-replica-manage list -v `hostname`
m1.example.com: replica
  last init status: None
  last init ended: None
  last update status: 0 Replica acquired successfully: Incremental
update succeeded
  last update ended: 2014-09-04 14:31:51+00:00

m4:
  OS: CentOS release 6.5
  FreeIPA: 3.3.3-28

# ipa-replica-manage list -v `hostname`
m1.example.com: replica
  last init status: None
  last init ended: None
  last update status: 49 Unable to acquire replicaLDAP error: Invalid
credentials
  last update ended: None


Note that although m3 reports “Incremental update succeeded”, users
created on m1 are not replicated to m3, and users created on m3 are
not replicated back to m1.

We’ve tried different things including re-initializing m2.

Can somebody point me in the right direction to get replication going again?

Thanks in advance!

Guillermo

More information about the Freeipa-users mailing list