[Freeipa-users] What to do next???: IPA replica host entry is removed on web UI by mistake

David Copperfield cao2dan at yahoo.com
Wed May 16 19:23:10 UTC 2012 

Hi all,

 I accidentally removed one of my IPA replica host on IPA web UI by mistake, on the host list I planed to remove ipaclient02.example.com, but accidentally the mouse moved to ipareplica02.example.com and the latter got removed without a prompt.

I realized the mistake and tried to recover from this disaster but it was already too late, the change propagated to all the replicas and the poor ipareplica02 now stops functioning.

[root at ipareplica02 slapd-EXAMPLE-COM]# ipa service-find
ipa: ERROR: cannot connect to u'https://ipareplica02.qe9.jigsaw.com/ipa/xml': Internal Server Error
[root at ipareplica02 slapd-EXAMPLE-COM]# ipa user-find
ipa: ERROR: cannot connect to u'https://ipareplica02.qe9.jigsaw.com/ipa/xml': Internal Server Error
[root at ipareplica02 slapd-EXAMPLE-COM]# ipa host-find
ipa: ERROR: cannot connect to u'https://ipareplica02.qe9.jigsaw.com/ipa/xml': Internal Server Error
[root at ipareplica02 slapd-EXAMPLE-COM]# 

On the IPA master, It was found that ipareplica02 didn't show up in 'host-find' list or 'service-find' list. Though it still showed in the master list reported by 'ipa-replica-manage' and 'ipa-csreplica-manage', the real command 'ipa-replica-manage list ipareplica02' fails with LDAP could't reach error.

What should I do now? Is there are any other ways to recover besides uninstall and reinstall of IPA replica ipareplica02?

 BTW, it will be more than appreciated if the web UI could pop up a warning prompt when removing host/services entries associated with IPA masters and IPA replicas.
 
Thanks.

--David

________________________________
 From: Rich Megginson <rmeggins at redhat.com>
To: Ben Ho <ben13ho at hotmail.com> 
Cc: freeipa-users at redhat.com 
Sent: Tuesday, May 15, 2012 5:33 PM
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
 

On 05/15/2012 02:49 PM, Ben Ho wrote: 
 
>This is the information I retrieved about my server.
>
>
>ipa-server-selinux-2.1.3-9.el6.x86_64
>ipa-client-2.1.3-9.el6.x86_64
>ipa-server-2.1.3-9.el6.x86_64
>CentOS release 6.2
>389-ds-base-1.2.9.14-1.el6_2.2.x86_64
>
>
>Thanks again.
Is replication otherwise working?



>
>-Ben
>
>
>________________________________
>Date: Tue, 15 May 2012 13:15:46 -0600
>From: rmeggins at redhat.com
>To: ben13ho at hotmail.com
>CC: freeipa-users at redhat.com
>Subject: Re: [Freeipa-users] Help with ipa-replica-manage
>
>On 05/15/2012 01:00 PM, Ben Ho wrote: 
> 
>>Hello,
>>  I am pretty new to IPA.  Right now I have three servers that are running IPA.  I am trying to replicate one server to two other servers.  I use this command:
>>
>>
>>ipa-replica-manage re-initialize --from example2.edu
>>
>>
>>  On the first server I need to replicate, it works fine.  However, on the second server I get this message in my log files.  The errors get printed out once every 1 to 5 minutes.
>>
>>
>>[15/May/2012:14:22:43 -0400] NSMMReplicationPlugin - agmt="cn=meToexample1.edu" (example1:389): Schema replication update failed: Type or value exists
>>[15/May/2012:14:22:43 -0400] NSMMReplicationPlugin - agmt="cn=meToexample1.edu" (example1:389): Warning: unable to replicate schema: rc=1
>>[15/May/2012:14:22:47 -0400] NSMMReplicationPlugin - agmt="cn=meToexample2.edu" (example2:389): Schema replication update failed: Type or value exists
>>[15/May/2012:14:22:47 -0400] NSMMReplicationPlugin - agmt="cn=meToexample2.edu" (example2:389): Warning: unable to replicate schema: rc=1
>>
>>
>>
>>
>>  Again, I am pretty new to this, so any help or tips would be appreciated.
>What platform and what version of 389-ds-base and ipa-server
          for all of your servers?
>
>
>
>>
>>  Thanks!
>>
>>
>>-Ben
>>
>>
>>
>>
>>_______________________________________________
Freeipa-users mailing list Freeipa-users at redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
>

_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120516/1be39ebd/attachment.htm>

More information about the Freeipa-users mailing list