Ticket #115 (new defect) Opened 2 months ago replication config tools Reported by: kmacmill Assigned to: kmacmill Priority: major Milestone: release-1 Component: ipa-server Version: Keywords: Cc: Description ΒΆ We need some more tools for replication configuration. If nothing else, we need to be able to remove agreements for servers that no longer exist.
We ship 3 tools for replication: ipa-replica-install, ipa-replica-manage and ipa-replica-prepare Karl said this about how they work: On master1.foo.bar: # ipa-server-install # ipa-replica-prepare (you now have replica-info-FOO.BAR file - copy to master2 and 3) On master2.foo.bar: # ipa-replica-install replica-info-FOO.BAR (we now have two masters) On master3.foo.bar: # ipa-replica-install replica-info-FOO.BAR (we now have 3 masters, but no agreement between 2 and 3) # ipa-replica-manage add master2.foo.bar # ipa-replica-manage list master1.foo.bar master2.foo.bar (mesh topology is done) On master1.foo.bar: # ipa-replica-manage list master2.foo.bar master3.foo.bar
QA verified: the following script works as designed: ipa-replica-prepare ipa-replica-manage add <ipareplica hostname> ipa-replica-manage del <ipareplica hostname> ipa-replica-manage init <ipareplica hostanme> The next script doesn't give output as what I expected: [root@ipaserver ~]# ipa-replica-manage list Directory Manager password: replica ==> The expected answer is "replica64a.ipaqa.com" Notes: the above test ran on ipaserver, which is the master, it gave wrong answer, but when I ran the same command on replica server, it gave correct answer (as below): [root@replica64a ~]# ipa-replica-manage list Directory Manager password: ipaserver.ipaqa.com
Can you send me the output of this on both servers? ldapsearch -x -D "cn=directory manager" -w PASSWORD -b "cn=mapping tree,cn=config" "(objectClass=nsDS5ReplicationAgreement)"
[root@ipaserver ~]# ldapsearch -x -D "cn=directory manager" -w redhat123 -b "cn=mapping tree,cn=config" "(objectClass=nsDS5ReplicationAgreement)" # extended LDIF # # LDAPv3 # base <cn=mapping tree,cn=config> with scope subtree # filter: (objectClass=nsDS5ReplicationAgreement) # requesting: ALL # # meToreplica64a.ipaqa.com636, replica, dc\3Dipaqa\2Cdc\3Dcom, mapping tree, config dn: cn=meToreplica64a.ipaqa.com636, cn=replica, cn="dc=ipaqa,dc=com", cn=mappi ng tree, cn=config nsDS5ReplicaUpdateSchedule: 0000-2359 0123456 cn: meToreplica64a.ipaqa.com636 nsDS5ReplicaRoot: dc=ipaqa,dc=com objectClass: top objectClass: nsds5replicationagreement nsDS5ReplicaTransportInfo: SSL description: me to replica64a.ipaqa.com636 nsDS5ReplicaPort: 636 nsDS5ReplicaHost: replica64a.ipaqa.com nsds5replicaTimeout: 120 nsDS5ReplicaBindDN: cn=replication manager,cn=config nsDS5ReplicatedAttributeList: (objectclass=*) $ EXCLUDE memberOf nsDS5ReplicaBindMethod: simple nsDS5ReplicaCredentials: {DES}6iNZK04oZlJYNKC/wz+1uw== nsds5replicareapactive: 0 nsds5replicaLastUpdateStart: 20080220132206Z nsds5replicaLastUpdateEnd: 20080220132206Z nsds5replicaChangesSentSinceStartup:: Mjo1MC8wIA== nsds5replicaLastUpdateStatus: 0 Incremental update succeeded nsds5replicaUpdateInProgress: FALSE nsds5replicaLastInitStart: 0 nsds5replicaLastInitEnd: 0 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1
Created attachment 299778 [details] No need to use a regular expression to find the replication host
Committed in changeset 756
qa verified, bug closed build used: 4-3-2008 daily build add replica manage command: add, del, list are working good now