Thanks Petr, Tried this and get the following output with the verbose flag:
p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute Cleaning a master is irreversible. This should not normally be require, so use cautiously. Continue to clean master? [no]: yes I still however see this machine as a nameserver for this domain. Also, SRV records pointing to it are still being served. [root@freeipa-prod-a-033 centos]# dig NS cloud.dcmn.com +short freeipa-prod-a-031.cloud.foo.com. freeipa-prod-b-032.cloud.foo.com. freeipa-prod-a-033.cloud.foo.com. Cheers, Andrew On 6 November 2015 at 15:28, Petr Vobornik <[email protected]> wrote: > On 11/05/2015 05:32 PM, Andrew Holway wrote: > >> Actually I'm starting to feel like this is a bug. Managed to get the old >> IPA server back up and ran . >> >> "ipa-server-install --uninstall" >> >> Which completed successfully and gave the advice: >> >> Replication agreements with the following IPA masters found: freeipa- >> >> prod-b-032.cloud.foo.com. Removing any replication agreements before >> >> uninstalling the server is strongly recommended. You can remove >> replication >> >> agreements by running the following command on any other IPA master: >> >> $ ipa-replica-manage del freeipa-prod-a-031.cloud.foo.com >> >> >> Running this command on the other IPA servers gives the following: >> >> >> [root@freeipa-prod-a-033 centos]# ipa-replica-manage del >> freeipa-prod-a-031.cloud.foo.com >> >> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute >> >> 'freeipa-prod-a-033.cloud.dcmn.com' has no replication agreement for' >> freeipa-prod-a-031.cloud.foo.com' >> >> >> I dont see anything in the logs. >> >> >> Thanks, >> >> >> Andrew >> >> On 5 November 2015 at 16:58, Andrew Holway <[email protected]> >> wrote: >> >> One of our FreeIPA replicas had its filesystem hosed so we want to remove >>> it. Can someone show me the sequence of commands to remove a down >>> replica? >>> >>> Thanks, >>> >>> Andrew >>> >>> >>> >>> [root@freeipa-prod-a-033 centos]# ipa-replica-manage list >>> >>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute >>> >>> freeipa-prod-a-031.cloud.foo.com: master >>> >>> freeipa-prod-a-033.cloud.foo.com: master >>> >>> freeipa-prod-b-032.cloud.foo.com: master >>> >>> [root@freeipa-prod-a-033 centos]# ipa-replica-manage del --force >>> freeipa-prod-a-031.foo.dcmn.com >>> >>> p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute >>> >>> 'freeipa-prod-a-033.cloud.foo.com' has no replication agreement for' >>> freeipa-prod-a-031.cloud.dcmn.com' >>> >>> > If freeipa-prod-a-031 is already uninstall, use also --cleanup option: > > ipa-replica-manage del --force --cleanup freeipa-prod-a-031.foo.dcmn.com > > -f, --force > Ignore some types of errors, don't prompt when deleting a > master > -c, --cleanup > When deleting a master with the --force flag, remove > leftover references to an already deleted master. > -- > Petr Vobornik >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
