[Freeipa-users] unhappy replication?
Rich Megginson
rmeggins at redhat.com
Tue Sep 9 16:24:42 UTC 2014
On 09/09/2014 10:12 AM, Kat wrote:
> Well - here is the problem and solution:
>
> Fails every time:
>
> Install master, enable migration, migrate existing LDAP config/users,
> setup replication, fails.
>
> Works every time:
>
> Install master, setup replication, enable migration, migrate existing
> LDAP config/users, works perfectly.
>
> So -- a problem with migration settings??
Could be. Is it a problem if the only way you can successfully set
things up is to do the latter procedure?
>
> On 9/9/14 8:25 AM, Rich Megginson wrote:
>> On 09/09/2014 09:20 AM, Kat wrote:
>>> This brings up a question - if I just installed a master --
>>> shouldn't I be able to create the replica immediately after (even if
>>> I did a migration from an old LDAP server?)
>>
>> Yes.
>>
>>> Am I looking at some sort of "wait until I'm done.." condition with
>>> the primary server?
>>
>> Well, it depends. Did you get the "[10 Total update abortedLDAP
>> error: Referral]" from the primary or the secondary?
>>
>>>
>>> This is the only other replica so there is nothing there. I guess
>>> time to go digging around. It is 3.3.3 on CentOS 7..
>>>
>>> I'll let you know if I fine anything else.
>>>
>>> Thanks.
>>>
>>> On 9/9/14 7:56 AM, Rich Megginson wrote:
>>>> On 09/09/2014 08:39 AM, Kat wrote:
>>>>> Anyone seen this before -- 2 freshly kicked CentOS 7 installs:
>>>>>
>>>>> On the replica from the ipa-replica-install :
>>>>>
>>>>> reports: Update failed! Status: [10 Total update abortedLDAP
>>>>> error: Referral]
>>>>> Your system may be partly configured.
>>>>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>>>
>>>> Is it possible that the replica was being initialized by another
>>>> replica, or you tried to initialize it again while a replica init
>>>> was already running? Error 10 Referral is returned by a replica
>>>> when you attempt an ldap operation against it while it is being
>>>> initialized i.e. the database is locked, so any other operation
>>>> gets a "busy signal" and a referral to another replica.
>>>>
>>>>>
>>>>> and then the errors file for 389-ds
>>>>>
>>>>> "The remote replica has a different database generation ID than
>>>>> the local database. You may have to reinitialize the remote
>>>>> replica, or the local replica."
>>>>
>>>> This just means the replica has not been initialized yet.
>>>>
>>>>>
>>>>> ~K
>>>>>
>>>>
>>>
>>
>
More information about the Freeipa-users
mailing list