[Freeipa-users] unable to delete dead freeipa replica

Petr Vobornik pvoborni at redhat.com
Fri Nov 6 14:28:08 UTC 2015 

On 11/05/2015 05:32 PM, Andrew Holway wrote:
> Actually I'm starting to feel like this is a bug. Managed to get the old
> IPA server back up and ran .
>
> "ipa-server-install --uninstall"
>
> Which completed successfully and gave the advice:
>
> Replication agreements with the following IPA masters found: freeipa-
>
> prod-b-032.cloud.foo.com. Removing any replication agreements before
>
> uninstalling the server is strongly recommended. You can remove replication
>
> agreements by running the following command on any other IPA master:
>
> $ ipa-replica-manage del freeipa-prod-a-031.cloud.foo.com
>
>
> Running this command on the other IPA servers gives the following:
>
>
> [root at freeipa-prod-a-033 centos]# ipa-replica-manage del
> freeipa-prod-a-031.cloud.foo.com
>
> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
>
> 'freeipa-prod-a-033.cloud.dcmn.com' has no replication agreement for'
> freeipa-prod-a-031.cloud.foo.com'
>
>
> I dont see anything in the logs.
>
>
> Thanks,
>
>
> Andrew
>
> On 5 November 2015 at 16:58, Andrew Holway <andrew.holway at gmail.com> wrote:
>
>> One of our FreeIPA replicas had its filesystem hosed so we want to remove
>> it. Can someone show me the sequence of commands to remove a down replica?
>>
>> Thanks,
>>
>> Andrew
>>
>>
>>
>> [root at freeipa-prod-a-033 centos]# ipa-replica-manage list
>>
>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
>>
>> freeipa-prod-a-031.cloud.foo.com: master
>>
>> freeipa-prod-a-033.cloud.foo.com: master
>>
>> freeipa-prod-b-032.cloud.foo.com: master
>>
>> [root at freeipa-prod-a-033 centos]# ipa-replica-manage del --force
>> freeipa-prod-a-031.foo.dcmn.com
>>
>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
>>
>> 'freeipa-prod-a-033.cloud.foo.com' has no replication agreement for'
>> freeipa-prod-a-031.cloud.dcmn.com'
>>

If freeipa-prod-a-031 is already uninstall, use also --cleanup option:

ipa-replica-manage del --force --cleanup freeipa-prod-a-031.foo.dcmn.com

        -f, --force
               Ignore some types of errors, don't prompt when deleting a 
master
        -c, --cleanup
               When deleting a master with the --force flag, remove 
leftover references to an already deleted master.
-- 
Petr Vobornik

More information about the Freeipa-users mailing list