Any help here, freeIPA giving me a hard time. I am not able to remove bad
replicas. I have tried all possible options and google + chatGPT whatever I
can do but none helping. is there any way I can remove bad replicas from my
freeIPA?
On Thu, May 16, 2024 at 11:00 AM Satish Patel <satish.txt(a)gmail.com> wrote:
Hi Florence,
I have run all the possible commands but that thing isn't going away :(
Even I even tried to search inside ldapsearch to see if I can manually
remove them from ldap DB but it's not there either. I don't know who is
holding this information.
[root@ldap-vx-010101-4 ~]# ipa-replica-manage del
ldap-vx-010103-4.site5.example.com --clean --force
ipa: WARNING: Forcing removal of
ldap-vx-010103-4.site5.example.com
ipa: WARNING: Ignoring topology connectivity errors.
ipa: WARNING: Ignoring these warnings and proceeding with removal
ipa: WARNING: Failed to cleanup
ldap-vx-010103-4.site5.example.com DNS
entries: no such entry
ipa: WARNING: You may need to manually remove them from the tree
ipa: WARNING: Server has already been deleted
-----------------------------------------------------
Deleted IPA server "ldap-vx-010103-4.site5.example.com"
-----------------------------------------------------
[root@ldap-vx-010101-4 ~]# ipa server-del
ldap-vx-010103-4.site5.example.com --force
Removing
ldap-vx-010103-4.site5.example.com from replication topology,
please wait...
ipa: WARNING: Forcing removal of
ldap-vx-010103-4.site5.example.com
ipa: WARNING: Failed to cleanup
ldap-vx-010103-4.site5.example.com DNS
entries: no such entry
ipa: WARNING: You may need to manually remove them from the tree
ipa: WARNING: Server has already been deleted
-----------------------------------------------------
Deleted IPA server "ldap-vx-010103-4.site5.example.com"
-----------------------------------------------------
Still I can see it in list
ldap-vx-010103-4.site5.example.com: replica
last init status: Error (0)
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) No replication sessions started since
server startup
last update ended: 1970-01-01 00:00:00+00:00
On Thu, May 16, 2024 at 1:48 AM Florence Blanc-Renaud <flo(a)redhat.com>
wrote:
> Hi,
>
> On Thu, May 16, 2024 at 4:05 AM Satish Patel via FreeIPA-users <
> freeipa-users(a)lists.fedorahosted.org> wrote:
>
>> Folks,
>>
>> I am trying to build some replicas and somehow they failed but because
>> they are half baked they are stuck in master nodes and not letting me
>> remove them. I have tried all the options and don't know how to get rid of
>> them.
>>
>> I want to remove
ldap-vx-010103-1.site5.example.com and
>>
ldap-vx-010103-2.site5.example.com. I have removed them from topology
>> and from host and hostgroup ipaservers list but no luck. I have totally
>> shut down replicas nodes but still no luck. Are there any good ways to
>> clean them up?
>>
>
> The commands "ipa server-del <hostname> --force" or
"ipa-replica-manage
> del <hostname> --clean --force" should be able to remove references to
> those servers, even if they are shutdown. You need to run the command on a
> working server.
>
> HTH,
> flo
>
>>
>> [root@ldap-vx-010101-4 ~]# ipa-replica-manage list -v `hostname`
>>
ldap-vx-010101-1.site5.example.com: replica
>> last init status: None
>> last init ended: 1970-01-01 00:00:00+00:00
>> last update status: Error (0) Replica acquired successfully:
>> Incremental update succeeded
>> last update ended: 2024-05-16 01:58:02+00:00
>>
ldap-vx-010101-2.site5.example.com: replica
>> last init status: None
>> last init ended: 1970-01-01 00:00:00+00:00
>> last update status: Error (0) Replica acquired successfully:
>> Incremental update succeeded
>> last update ended: 2024-05-16 01:58:02+00:00
>>
ldap-vx-010101-3.site5.example.com: replica
>> last init status: None
>> last init ended: 1970-01-01 00:00:00+00:00
>> last update status: Error (0) Replica acquired successfully:
>> Incremental update succeeded
>> last update ended: 2024-05-16 01:58:02+00:00
>>
ldap-vx-010101-5.site5.example.com: replica
>> last init status: None
>> last init ended: 1970-01-01 00:00:00+00:00
>> last update status: Error (0) Replica acquired successfully:
>> Incremental update succeeded
>> last update ended: 2024-05-16 01:58:02+00:00
>>
ldap-vx-010103-1.site5.example.com: replica
>> last init status: Error (0)
>> last init ended: 1970-01-01 00:00:00+00:00
>> last update status: Error (-1) Problem connecting to replica - LDAP
>> error: Can't contact LDAP server (connection error)
>> last update ended: 2024-05-11 10:30:33+00:00
>>
ldap-vx-010103-2.site5.example.com: replica
>> last init status: Error (0) Total update succeeded
>> last init ended: 2024-05-10 20:35:02+00:00
>> last update status: Error (-1) Problem connecting to replica - LDAP
>> error: Can't contact LDAP server (connection error)
>> last update ended: 1970-01-01 00:00:00+00:00
>>
ldap-vx-010103-3.site5.example.com: replica
>> last init status: Error (0) Total update succeeded
>> last init ended: 2024-05-10 21:14:53+00:00
>> last update status: Error (0) Replica acquired successfully:
>> Incremental update succeeded
>> last update ended: 2024-05-16 01:58:02+00:00
>> --
>> _______________________________________________
>> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
>> To unsubscribe send an email to
>> freeipa-users-leave(a)lists.fedorahosted.org
>> Fedora Code of Conduct:
>>
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
>> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
>> List Archives:
>>
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
>> Do not reply to spam, report it:
>>
https://pagure.io/fedora-infrastructure/new_issue
>>
>