[Freeipa-users] Still not working -- Re: What to do next???: IPA replica host entry is removed on web UI by mistake

Rob Crittenden rcritten at redhat.com
Fri May 18 14:06:00 UTC 2012 

David Copperfield wrote:
> Hi Rich and all,
>
> For the latest IPA version 2.1.3-9 on red hat 6.2, the CA RUV records
> clearance seems a must. Before clearance the annoying messages are
> filling /var/log/dirsrv/slapd-PKI-IPA/errors on master file, while after
> clearance the entries are gone.
>
>     [16/May/2012:19:49:40 -0700] NSMMReplicationPlugin -
>     repl_set_mtn_referrals: could not set referrals for replica o=ipaca: 20
>     [16/May/2012:19:49:57 -0700] NSMMReplicationPlugin -
>     repl_set_mtn_referrals: could not set referrals for replica o=ipaca: 20
>     [16/May/2012:19:53:21 -0700] NSMMReplicationPlugin -
>     repl_set_mtn_referrals: could not set referrals for replica o=ipaca: 20
>     [16/May/2012:19:53:24 -0700] NSMMReplicationPlugin -
>     repl_set_mtn_referrals: could not set referrals for replica o=ipaca: 20
>
>
> Before clearing CA, in there error log file, there are entry list below,
> while after clearance it is gone too.
>
>     [16/May/2012:19:49:21 -0700] NSMMReplicationPlugin -
>     replica_check_for_data_reload: Warning: data for replica o=ipaca
>     does not match the data in the changelog (replica data
>     (4fb46756000000510000) > changelog (4fb46756000000510000)).
>     Recreating the changelog file. This could affect replication with
>     replica's consumers in which case the consumers should be reinitialized.
>     [16/May/2012:19:49:21 -0700] - slapd started. Listening on All
>     Interfaces port 7389 for LDAP requests
>     [16/May/2012:19:49:21 -0700] - Listening on All Interfaces port 7390
>     for LDAPS requests
>
>
> Hope in 2.2.0 we only need to clear user data type replication, and can
> safely ignore CA type which will automatically cleaned -- in sync with
> user type replication.

The CA is just another 389-ds instance. It needs to be cleaned the same 
way any other instance would.

Nothing will change in 2.2. Hopefully this will be available for the 3.0 
release.

rob

More information about the Freeipa-users mailing list