[Freeipa-users] IPA Replication not working for User and DNS

Yogesh Sharma yks0000 at gmail.com
Fri Oct 30 10:46:20 UTC 2015 

Team,

Noticed that user created on IPA Master are not replicating on Replica.

Also, we create a new Zone in Master, However we do not see the same in
replica server.


Below is the information:

>From Master:

[root at ipa-inf-prd-ng2-01 ~]# ipa-replica-manage list -v
ipa-inf-prd-ng2-01.klikpay.int
Directory Manager password:

ipa-inf-prd-ng2-02.klikpay.int: replica
  last init status: None
  last init ended: None
  last update status: -1 Unable to acquire replicaLDAP error: Can't contact
LDAP server
  last update ended: None
[root at ipa-inf-prd-ng2-01 ~]#



>From Replica:


[root at ipa-inf-prd-ng2-02 ~]# ipa-replica-manage list -v
ipa-inf-prd-ng2-02.klikpay.int
Directory Manager password:

ipa-inf-prd-ng2-01.klikpay.int: replica
  last init status: None
  last init ended: None
  last update status: 0 Replica acquired successfully: Incremental update
succeeded
  last update ended: 2015-10-30 10:36:25+00:00
[root at ipa-inf-prd-ng2-02 ~]#


Though it says it is replicated (last update ended), We are not seeing new
users and the new DNS Zone which we created


I also tried force replication, though I can not see the new Changes:

[root at ipa-inf-prd-ng2-02 ~]# ipa-replica-manage force-sync --from
ipa-inf-prd-ng2-01.klikpay.int
Directory Manager password:

ipa: INFO: Setting agreement
cn=meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping
tree,cn=config schedule to 2358-2359 0 to force synch
ipa: INFO: Deleting schedule 2358-2359 0 from agreement cn=
meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping
tree,cn=config
[root at ipa-inf-prd-ng2-02 ~]#


Once I do re-initialization, it gives "Can't Contact LDAP Server"

[root at ipa-inf-prd-ng2-02 ~]# ipa-replica-manage re-initialize --from
ipa-inf-prd-ng2-01.klikpay.int
Directory Manager password:

ipa: INFO: Setting agreement
cn=meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping
tree,cn=config schedule to 2358-2359 0 to force synch
ipa: INFO: Deleting schedule 2358-2359 0 from agreement cn=
meToipa-inf-prd-ng2-02.klikpay.int,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping
tree,cn=config

[ipa-inf-prd-ng2-01.klikpay.int] reports: Update failed! Status: [-1  -
LDAP error: Can't contact LDAP server]




*Best Regards,*

*__________________________________________*

*Yogesh Sharma*
*Email: yks0000 at gmail.com <yks0000 at gmail.com> | Web: www.initd.in
<http://www.initd.in/> *

*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*

<https://www.fb.com/yks0000>   <http://in.linkedin.com/in/yks0000>
<https://twitter.com/checkwithyogesh>
<http://google.com/+YogeshSharmaOnGooglePlus>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151030/2798118d/attachment.htm>

More information about the Freeipa-users mailing list