On 11/06/2015 03:37 PM, Andrew Holway wrote:
Thanks Petr,
Tried this and get the following output with the verbose flag:
p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
Cleaning a master is irreversible.
This should not normally be require, so use cautiously.
Continue to clean master? [no]: yes
I still however see this machine as a nameserver for this domain. Also, SRV
records pointing to it are still being served.
[root@freeipa-prod-a-033 centos]# dig NS cloud.dcmn.com +short
freeipa-prod-a-031.cloud.foo.com.
freeipa-prod-b-032.cloud.foo.com.
freeipa-prod-a-033.cloud.foo.com.
Then you can try to check DNS settings, easy in Web UI, and remove
references to old server if there are any.
Cheers,
Andrew
On 6 November 2015 at 15:28, Petr Vobornik <[email protected]> wrote:
On 11/05/2015 05:32 PM, Andrew Holway wrote:
Actually I'm starting to feel like this is a bug. Managed to get the old
IPA server back up and ran .
"ipa-server-install --uninstall"
Which completed successfully and gave the advice:
Replication agreements with the following IPA masters found: freeipa-
prod-b-032.cloud.foo.com. Removing any replication agreements before
uninstalling the server is strongly recommended. You can remove
replication
agreements by running the following command on any other IPA master:
$ ipa-replica-manage del freeipa-prod-a-031.cloud.foo.com
Running this command on the other IPA servers gives the following:
[root@freeipa-prod-a-033 centos]# ipa-replica-manage del
freeipa-prod-a-031.cloud.foo.com
p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
'freeipa-prod-a-033.cloud.dcmn.com' has no replication agreement for'
freeipa-prod-a-031.cloud.foo.com'
I dont see anything in the logs.
Thanks,
Andrew
On 5 November 2015 at 16:58, Andrew Holway <[email protected]>
wrote:
One of our FreeIPA replicas had its filesystem hosed so we want to remove
it. Can someone show me the sequence of commands to remove a down
replica?
Thanks,
Andrew
[root@freeipa-prod-a-033 centos]# ipa-replica-manage list
p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
freeipa-prod-a-031.cloud.foo.com: master
freeipa-prod-a-033.cloud.foo.com: master
freeipa-prod-b-032.cloud.foo.com: master
[root@freeipa-prod-a-033 centos]# ipa-replica-manage del --force
freeipa-prod-a-031.foo.dcmn.com
p11-kit: ipa.p11-kit: x-public-key-info: invalid or unsupported attribute
'freeipa-prod-a-033.cloud.foo.com' has no replication agreement for'
freeipa-prod-a-031.cloud.dcmn.com'
If freeipa-prod-a-031 is already uninstall, use also --cleanup option:
ipa-replica-manage del --force --cleanup freeipa-prod-a-031.foo.dcmn.com
-f, --force
Ignore some types of errors, don't prompt when deleting a
master
-c, --cleanup
When deleting a master with the --force flag, remove
leftover references to an already deleted master.
--
Petr Vobornik
--
Petr Vobornik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
