[Freeipa-users] Antwort: Re: Antwort: Re: WG: Re: Haunted servers?
Ludwig Krispenz
lkrispen at redhat.com
Fri Jun 19 11:23:43 UTC 2015
Hi,
On 06/19/2015 12:32 PM, Christoph Kaminski wrote:
> > in the second search I don't see nsds50ruv attributes for dead
> > entries, so the database ruv seems to be ok.
>
> these are dead:
>
> nscpentrywsi: nsDS5ReplicaBindDN:
> krbprincipalname=ldap/ipa-2.mgmt.biotronik-h
> omemonitoring.int at HSO,cn=services,cn=accounts,dc=hso
> nscpentrywsi: nsDS5ReplicaBindDN:
> krbprincipalname=ldap/ipa-2.mgmt.testsystem-
> homemonitoring.int at HSO,cn=services,cn=accounts,dc=hso
> nscpentrywsi: nsDS5ReplicaBindDN:
> krbprincipalname=ldap/ipa-2.mgmt.datacenter-
> homemonitoring.int at HSO,cn=services,cn=accounts,dc=hso
but these are bind dns, ipa adds them when creating a new replica to be
able to establish a gssapi replication, I don't know if and when they
are removed, they are definitely not in the task of cleanallruv
>
> > the first search is for the replication agreements and they keep
> > info about the consumer ruv, used in replication session. you cannot
> > modify these, but they are maintained in the dse.ldif, you could
> > edit the dse.ldif when the server is stopped.
>
> big thx, we try it and I let you know if it works!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150619/91c47014/attachment.htm>
More information about the Freeipa-users
mailing list