[Freeipa-users] Server replication stopped working
Mike Driscoll
mike.driscoll at oracle.com
Fri Sep 23 15:51:56 UTC 2016
Hello. I have four IPA servers replicating in full mesh. All four servers are running ipa-server-4.2.0-15.0.1.el7_2.19.x86_64.
This was working for some time but now I see that no replication is occurring automatically at present.
When I update a user attribute on an IPA server, I see errors like these:
[22/Sep/2016:16:53:49 -0700] attrlist_replace - attr_replace (nsslapd-referral, ldap://ldap03.xx.com:389/o%3Dipaca) failed.
[22/Sep/2016:16:58:56 -0700] NSMMReplicationPlugin - agmt="cn=masterAgreement1-ldap03.xx.com-pki-tomcat" (ldap03:389): Incremental update failed and requires administrator action
I can reinitialize without errors.
ipa-csreplica-manage re-initialize --from=ldap01.xx.com <http://ldap04.us.oracle.com/>
ipa-replica-manage re-initialize --from=ldap01.xx.com
Afterwards I see my attribute (and other) changes are replicated on each server I re-initialize from. But subsequently, replication doesn’t seem to be happening.
I reinitialized according to the steps in Table 8.7, “Replication Errors”, but subsequent replication isn’t occurring. Any suggestions? Is it safe to identify one of my four servers as containing up-to-date data, then sever and reinstate replication relationships with the other three?
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160923/b4043124/attachment.htm>
More information about the Freeipa-users
mailing list