[Freeipa-users] Unable to remove nsTombstone objects

[Rich Megginson]

On 03/18/2015 10:50 AM, Kim Perrin wrote:
> Hi all,
> yesterday I cleared up replication problems on my last standing IPA
> server. So I somewhat feel like I'm coming out of the tunnel. Today I
> want to turn up a replica again. However before doing so I'd like to
> clean out the last remnants of data about all previous replicas.
> I can't figure out the properly formatted ldif to use to remove the
> nsds50ruv and the nsruvReplicaLastModified records in these entries.
> Any guidance on the proper ldif to use would be much appreciated --
> Here is are the tombstone entries -
>
> dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,o=ipaca
> objectClass: top
> objectClass: nsTombstone
> objectClass: extensibleobject
> nsds50ruv: {replicageneration} 5317a449000000600000
> nsds50ruv: {replica 96 ldap://noc1-prd.companyz.com:7389} 5317a455000000
> 600000 550878b9000000600000
> nsds50ruv: {replica 71 ldap://noc2-prd.companyz.com:7389} 531ce018000000
> 470000 531ce069000300470000
> nsds50ruv: {replica 76 ldap://noc4-prd.companyz.com:7389} 531cdde8000000
> 4c0000 53f659500004004c0000
> nsds50ruv: {replica 81 ldap://noc2-prd.companyz.com:7389} 531bf216000000
> 510000 531bf265000100510000
> nsds50ruv: {replica 86 ldap://noc3-prd.companyz.com:7389} 531a3222000000
> 560000 531a3256000400560000
> nsds50ruv: {replica 91 ldap://noc2-prd.companyz.com:7389} 5317f7cf000000
> 5b0000 531949920000005b0000
> nsds50ruv: {replica 97 ldap://util1-prd.companyz.com:7389} 5317a45000000
> 0610000 5317a48a000100610000
> o: ipaca
> nsruvReplicaLastModified: {replica 96 ldap://noc1-prd.companyz.com:7389}
>   550878ab
> nsruvReplicaLastModified: {replica 71 ldap://noc2-prd.companyz.com:7389}
>   00000000
> nsruvReplicaLastModified: {replica 76 ldap://noc4-prd.companyz.com:7389}
>   00000000
> nsruvReplicaLastModified: {replica 81 ldap://noc2-prd.companyz.com:7389}
>   00000000
> nsruvReplicaLastModified: {replica 86 ldap://noc3-prd.companyz.com:7389}
>   00000000
> nsruvReplicaLastModified: {replica 91 ldap://noc2-prd.companyz.com:7389}
>   00000000
> nsruvReplicaLastModified: {replica 97 ldap://util1prd.companyz.com:7389}
>   00000000
>
>
>
> Using the following to clean these did NOT work -
>
> dn: cn=clean 97,cn=cleanallruv,cn=tasks,cn=config
> changetype: add
> objectclass: top
> objectclass: extensibleObject
> replica-base-dn: dc=companyz,dc=com
> replica-id: 97
> cn: clean 97
>
Any errors in /var/log/dirsrv/slapd-DOMAIN/errors?