Hide Forgot
This bug is created as a clone of upstream ticket: https://fedorahosted.org/freeipa/ticket/3876 Replica and original master installed with DNS and CA. {{{ freeipa-server-3.3.90GIT278c87c-0.fc19.x86_64 }}} Reproduction: * With working replication (new user is replicated): {{{ $ ipa-replica-manage del vm-175.idm.lab.eng.brq.redhat.com Deleting a master is irreversible. To reconnect to the remote master you will need to prepare a new replica file and re-install. Continue to delete? [no]: yes No RUV records found. }}} {{{ $ ipa-replica-manage del vm-175.idm.lab.eng.brq.redhat.com -cf No RUV records found. }}} * With replica dead (turned off) {{{ $ ipa-replica-manage del vm-175.idm.lab.eng.brq.redhat.com -cf Connection to 'vm-175.idm.lab.eng.brq.redhat.com' failed: Forcing removal of vm-175.idm.lab.eng.brq.redhat.com Skipping calculation to determine if one or more masters would be orphaned. No RUV records found. }}} Replication is still working after running those commands.
Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/f312d725102f903f67a2db688d3dce94cf84e77d ipa-3-3: https://fedorahosted.org/freeipa/changeset/93b314da42efb79951b008cbbc8b0df0fc8c7dbe
*** Bug 1004555 has been marked as a duplicate of this bug. ***
Verified. Version :: ipa-server-3.3.3-15.el7.x86_64 Test Results :: ON MASTER: [root@rhel7-4 ~]# ipa user-add testuser1 --first=f --last=l ---------------------- Added user "testuser1" ---------------------- User login: testuser1 First name: f Last name: l Full name: f l Display name: f l Initials: fl Home directory: /home/testuser1 GECOS: f l Login shell: /bin/sh Kerberos principal: testuser1.TEST Email address: testuser1.test UID: 1902000001 GID: 1902000001 Password: False Member of groups: ipausers Kerberos keys available: False ON REPLICA: [root@rhel7-5 ~]# ipa user-find --------------- 2 users matched --------------- User login: admin Last name: Administrator Home directory: /home/admin Login shell: /bin/bash UID: 1902000000 GID: 1902000000 Account disabled: False Password: True Kerberos keys available: True User login: testuser1 First name: f Last name: l Home directory: /home/testuser1 Login shell: /bin/sh Email address: testuser1.test UID: 1902000001 GID: 1902000001 Account disabled: False Password: False Kerberos keys available: False ---------------------------- Number of entries returned 2 ---------------------------- [root@rhel7-5 ~]# ipactl stop Stopping Directory Service Stopping ipa-otpd Service Stopping pki-tomcatd Service Stopping httpd Service Stopping ipa_memcached Service Stopping kadmin Service Stopping krb5kdc Service ipa: INFO: The ipactl command was successful ON MASTER: [root@rhel7-4 ~]# ipa-replica-manage del replica1.ipa2.example.test -cf Connection to 'replica1.ipa2.example.test' failed: Forcing removal of replica1.ipa2.example.test Skipping calculation to determine if one or more masters would be orphaned. Deleting replication agreements between replica1.ipa2.example.test and master.ipa2.example.test Failed to get list of agreements from 'replica1.ipa2.example.test': Forcing removal on 'master.ipa2.example.test' Any DNA range on 'replica1.ipa2.example.test' will be lost Deleted replication agreement from 'master.ipa2.example.test' to 'replica1.ipa2.example.test' Background task created to clean replication data. This may take a while. This may be safely interrupted with Ctrl+C [root@rhel7-4 ~]# ipa-replica-manage list master.ipa2.example.test: master [root@rhel7-4 ~]# ON REPLICA: [root@rhel7-5 ~]# ipactl start Starting Directory Service Starting krb5kdc Service Starting kadmin Service Starting ipa_memcached Service Starting httpd Service Starting pki-tomcatd Service Starting ipa-otpd Service ipa: INFO: The ipactl command was successful [root@rhel7-5 ~]# ipa user-show testuser2 ipa: ERROR: testuser2: user not found ON MASTER: [root@rhel7-4 ~]# ipa user-add testuser2 --first=f --last=l ---------------------- Added user "testuser2" ---------------------- User login: testuser2 First name: f Last name: l Full name: f l Display name: f l Initials: fl Home directory: /home/testuser2 GECOS: f l Login shell: /bin/sh Kerberos principal: testuser2.TEST Email address: testuser2.test UID: 1902000003 GID: 1902000003 Password: False Member of groups: ipausers Kerberos keys available: False ON REPLICA: [root@rhel7-5 ~]# ipa user-show testuser2 ipa: ERROR: testuser2: user not found
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request.