Adding to this, I am able to do ldsearch from the server which I am trying to make replica.
[root@ipa-inf-prd-ng2-02 ~]# ldapsearch -x -H ldap:// ipa-inf-prd-ng2-01.klikpay.int -s base -b '' namingContexts # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: namingContexts # # dn: namingContexts: cn=changelog namingContexts: dc=klikpay,dc=int namingContexts: o=ipaca # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [root@ipa-inf-prd-ng2-02 ~]# *Best Regards,* *__________________________________________* *Yogesh Sharma* *Email: [email protected] <[email protected]> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> <https://twitter.com/checkwithyogesh> <http://google.com/+YogeshSharmaOnGooglePlus> On Mon, Nov 2, 2015 at 11:24 AM, Yogesh Sharma <[email protected]> wrote: > Tried to re-enroll the replica however, getting the same error, though I > am able to connect to server. > > ===== > > Starting replication, please wait until this has completed. > > [ipa-inf-prd-ng2-01.klikpay.int] reports: Update failed! Status: [-1 - > LDAP error: Can't contact LDAP server] > > [error] RuntimeError: Failed to start replication > > ===== > > > [root@ipa-inf-prd-ng2-02 ~]# telnet ipa-inf-prd-ng2-01.klikpay.int 389 > Trying 172.16.32.10... > Connected to ipa-inf-prd-ng2-01.klikpay.int. > Escape character is '^]'. > ^] > telnet> quit > Connection closed. > [root@ipa-inf-prd-ng2-02 ~]# > > > > *Best Regards,* > > *__________________________________________* > > *Yogesh Sharma* > *Email: [email protected] <[email protected]> | Web: www.initd.in > <http://www.initd.in/> * > > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* > > <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> > <https://twitter.com/checkwithyogesh> > <http://google.com/+YogeshSharmaOnGooglePlus> > > On Fri, Oct 30, 2015 at 7:05 PM, Rob Crittenden <[email protected]> > wrote: > >> Yogesh Sharma wrote: >> > Team, >> > >> > Noticed that user created on IPA Master are not replicating on Replica. >> > >> > Also, we create a new Zone in Master, However we do not see the same in >> > replica server. >> >> You need to figure out why ipa-inf-prd-ng2-01.klikpay.int can't contact >> port 389 on ipa-inf-prd-ng2-02.klikpay.int. It may be someone threw up a >> firewall without telling you, or someone tweaked the rules on either of >> those boxes. >> >> Doing re-init, force-sync, etc is always going to fail if one can't talk >> to the other. >> >> rob >> >> > >> > >> > Below is the information: >> > >> > From Master: >> > >> > [root@ipa-inf-prd-ng2-01 ~]# ipa-replica-manage list -v >> > ipa-inf-prd-ng2-01.klikpay.int <http://ipa-inf-prd-ng2-01.klikpay.int> >> > Directory Manager password: >> > >> > ipa-inf-prd-ng2-02.klikpay.int <http://ipa-inf-prd-ng2-02.klikpay.int>: >> > replica >> > last init status: None >> > last init ended: None >> > last update status: -1 Unable to acquire replicaLDAP error: Can't >> > contact LDAP server >> > last update ended: None >> > [root@ipa-inf-prd-ng2-01 ~]# >> > >> > >> > >> > From Replica: >> > >> > >> > [root@ipa-inf-prd-ng2-02 ~]# ipa-replica-manage list -v >> > ipa-inf-prd-ng2-02.klikpay.int <http://ipa-inf-prd-ng2-02.klikpay.int> >> > Directory Manager password: >> > >> > ipa-inf-prd-ng2-01.klikpay.int <http://ipa-inf-prd-ng2-01.klikpay.int>: >> > replica >> > last init status: None >> > last init ended: None >> > last update status: 0 Replica acquired successfully: Incremental >> > update succeeded >> > last update ended: 2015-10-30 10:36:25+00:00 >> > [root@ipa-inf-prd-ng2-02 ~]# >> > >> > >> > Though it says it is replicated (last update ended), We are not seeing >> > new users and the new DNS Zone which we created >> > >> > >> > I also tried force replication, though I can not see the new Changes: >> > >> > [root@ipa-inf-prd-ng2-02 ~]# ipa-replica-manage force-sync --from >> > ipa-inf-prd-ng2-01.klikpay.int <http://ipa-inf-prd-ng2-01.klikpay.int> >> > Directory Manager password: >> > >> > ipa: INFO: Setting agreement cn=meToipa-inf-prd-ng2-02.klikpay.int >> > <http://meToipa-inf-prd-ng2-02.klikpay.int >> >,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping >> > tree,cn=config schedule to 2358-2359 0 to force synch >> > ipa: INFO: Deleting schedule 2358-2359 0 from agreement >> > cn=meToipa-inf-prd-ng2-02.klikpay.int >> > <http://meToipa-inf-prd-ng2-02.klikpay.int >> >,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping >> > tree,cn=config >> > [root@ipa-inf-prd-ng2-02 ~]# >> > >> > >> > Once I do re-initialization, it gives "Can't Contact LDAP Server" >> > >> > [root@ipa-inf-prd-ng2-02 ~]# ipa-replica-manage re-initialize --from >> > ipa-inf-prd-ng2-01.klikpay.int <http://ipa-inf-prd-ng2-01.klikpay.int> >> > Directory Manager password: >> > >> > ipa: INFO: Setting agreement cn=meToipa-inf-prd-ng2-02.klikpay.int >> > <http://meToipa-inf-prd-ng2-02.klikpay.int >> >,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping >> > tree,cn=config schedule to 2358-2359 0 to force synch >> > ipa: INFO: Deleting schedule 2358-2359 0 from agreement >> > cn=meToipa-inf-prd-ng2-02.klikpay.int >> > <http://meToipa-inf-prd-ng2-02.klikpay.int >> >,cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping >> > tree,cn=config >> > >> > [ipa-inf-prd-ng2-01.klikpay.int <http://ipa-inf-prd-ng2-01.klikpay.int >> >] >> > reports: Update failed! Status: [-1 - LDAP error: Can't contact LDAP >> > server] >> > >> > >> > >> > >> > /Best Regards,/ >> > /__________________________________________ >> > / >> > /Yogesh Sharma >> > / >> > /Email: [email protected] <mailto:[email protected]> | Web: >> www.initd.in >> > <http://www.initd.in/> / >> > / >> > / >> > /RHCE, VCE-CIA, RACKSPACE CLOUD U Certified/ >> > >> > <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> < >> https://twitter.com/checkwithyogesh> < >> http://google.com/+YogeshSharmaOnGooglePlus> >> > >> > >> >> >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
