[Freeipa-users] replication procedure and status check?
Rob Crittenden
rcritten at redhat.com
Sat Dec 29 01:21:44 UTC 2012
David Copperfield wrote:
> Hi howdy,
>
> Is there a nagios check for replication check among IPA servers and
> replicas? If not, is there a way to test the replica status through some
> files or underlying LDAP command outputs?
>
> I have one test environment with a IPA server on a Vmware instance, two
> IPA replicas created from the server, and a few IPA clients which talks
> to replicas.
>
> I shutdown IPA server from time to time for whole machine level backups.
> after IPA server boots back up again, some times it fails 'IPA
> user-find' command. I am not sure:
>
> 1, how long does it take for the IPA server to replicate/sync from
> changes on IPA replicas during the server's down time?
It depends on the number of changes. 389-ds basically starts this when
the connection comes back up.
> 2, How to check the replication/sync processes?
The agreements are in cn=mapping tree,cn=config. You'll need to bind as
the directory manager or as a user delegated access to read this. There
are some delegation status attributes.
> 3, are the IPA commands failed as a protection because the IPA server
> is still in replication/sync waiting/doing process?
I'm not sure what you mean by failed. How did it fail?
rob
More information about the Freeipa-users
mailing list