[Freeipa-users] unhappy replication?

Kat uncommonkat at gmail.com
Tue Sep 9 16:12:35 UTC 2014 

Well - here is the problem and solution:

Fails every time:

Install master, enable migration, migrate existing LDAP config/users, 
setup replication, fails.

Works every time:

Install master, setup replication, enable migration, migrate existing 
LDAP config/users, works perfectly.

So -- a problem with migration settings??

On 9/9/14 8:25 AM, Rich Megginson wrote:
> On 09/09/2014 09:20 AM, Kat wrote:
>> This brings up a question - if I just installed a master -- shouldn't 
>> I be able to create the replica immediately after (even if I did a 
>> migration from an old LDAP server?) 
>
> Yes.
>
>> Am I looking at some sort of "wait until I'm done.." condition with 
>> the primary server?
>
> Well, it depends.  Did you get the "[10 Total update abortedLDAP 
> error: Referral]" from the primary or the secondary?
>
>>
>> This is the only other replica so there is nothing there.  I guess 
>> time to go digging around.  It is 3.3.3 on CentOS 7..
>>
>> I'll let you know if I fine anything else.
>>
>> Thanks.
>>
>> On 9/9/14 7:56 AM, Rich Megginson wrote:
>>> On 09/09/2014 08:39 AM, Kat wrote:
>>>> Anyone seen this before -- 2 freshly kicked CentOS 7 installs:
>>>>
>>>> On the replica from the ipa-replica-install :
>>>>
>>>> reports: Update failed! Status: [10 Total update abortedLDAP error: 
>>>> Referral]
>>>> Your system may be partly configured.
>>>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>>
>>> Is it possible that the replica was being initialized by another 
>>> replica, or you tried to initialize it again while a replica init 
>>> was already running?  Error 10 Referral is returned by a replica 
>>> when you attempt an ldap operation against it while it is being 
>>> initialized i.e. the database is locked, so any other operation gets 
>>> a "busy signal" and a referral to another replica.
>>>
>>>>
>>>> and then the errors file for 389-ds
>>>>
>>>> "The remote replica has a different database generation ID than the 
>>>> local database.  You may have to reinitialize the remote replica, 
>>>> or the local replica."
>>>
>>> This just means the replica has not been initialized yet.
>>>
>>>>
>>>> ~K
>>>>
>>>
>>
>

More information about the Freeipa-users mailing list