[Freeipa-users] getting rid of nsds5ReplConflict
Megan .
nagemnna at gmail.com
Tue May 19 18:27:32 UTC 2015
Thank you for the reply. I think I just got frustrated. I
uninstalled ipa on the dir2 replica then set it back up again as a
replica. Everything seems to be replicating just fine without errors
now. I know that this isn't the preferred or documented solution but
i needed the server back online asap.
When i run "ipa-replica-manage list-ruv" i see dir2 listed twice. Is
this a concern?
[root at dir1 ipa]# ipa-replica-manage list-ruv
dir1.example.com:389: 4
dir3.example.com:389: 5
dir2.example.com:389: 6
dir2.example.com:389: 8
On Tue, May 19, 2015 at 12:37 PM, Rich Megginson <rmeggins at redhat.com> wrote:
> On 05/19/2015 10:10 AM, Megan . wrote:
>>
>> I'm struggling with a replication conflict. I had three masters,
>> dir1, dir2, dir3. There were some weird issues with dir2 where I was
>> getting "error 49 (Invalid credentials)" without any real
>> information.
>
>
> Where did you see this? command line output? Of what command? In a log
> file? Which log file? Can you post the exact error message along with the
> context?
>
>> When i did " ipa-replica-manage list-ruv" i saw dir2
>> twice.
>
>
> Can you post the output?
>
>> I couldn't get it straight
>
>
> What does "get it straight" mean? Does it mean you ran some commands? If
> so, what commands did you run and what was the result?
>
>> so i decided to try to re-create
>> the replica. I disconnected the replica, ran the del for the replica.
>> When i check for replication conflicts i still see it in there and I
>> can't seem to get it to go away.
>
>
> Deleting and recreating the replica will not remove the replication conflict
> if the conflict has been replicated to other servers.
>
> This document doesn't say anything about resolving replica conflict entries
> by deleting and re-adding replicas:
> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html
>
>> It only shows up on one of the
>> remaining masters.
>>
>> I was trying to follow the documentation
>
>
> The link above?
>
>> and use ldapmodify to change
>> the dn to cn=olddir2.somewhere.example.something.com7475d90c but
>> everything i seem to be trying doesn't work.
>
>
> What exactly did you do?
>
>>
>> I'm assuming this entry needs to be cleared up before i can
>> successfully setup dir2 again as a replica.
>
>
> No, not necessarily.
>
>
>>
>> Any help would be greatly appreciated.
>>
>> Thanks!
>>
>>
>> [root at dir1 ~]# ldapsearch -x -D "cn=directory manager" -W -b
>> "dc=somewhere,dc=example,dc=something,dc=com" "nsds5ReplConflict=*" \*
>> nsds5ReplConflict
>> Enter LDAP Password:
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <dc=somewhere,dc=example,dc=something,dc=com> with scope subtree
>> # filter: nsds5ReplConflict=*
>> # requesting: * nsds5ReplConflict
>> #
>>
>> # dir2.somewhere.example.something.com +
>> 7475d90c-f34911e4-99a0ab24-58022cdf, masters
>> , ipa, etc, somewhere.example.something.com
>> dn:
>> cn=dir2.somewhere.example.something.com+nsuniqueid=7475d90c-f34911e4-99a0ab24-5802
>>
>> 2cdf,cn=masters,cn=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
>> nsds5ReplConflict: namingConflict
>> cn=dir2.somewhere.example.something.com,cn=masters,c
>> n=ipa,cn=etc,dc=somewhere,dc=example,dc=something,dc=com
>> objectClass: top
>> objectClass: nsContainer
>> cn: dir2.somewhere.example.something.com
>>
>> # search result
>> search: 2
>> result: 0 Success
>>
>> # numResponses: 2
>> # numEntries: 1
>>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list