Auerbach, Steven via FreeIPA-users wrote:
From the master-master original IPA v3.0.0 server - <ipa1> - I ran and received the following responses: NOTE: using aliases within arrow points for ambiguation.
[<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa1>' [sudo] password for <user>: Cannot find <ipa1> in public server list
[<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa2>' Directory Manager password:
Cannot find <ipa2> in public server list
[<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa3>' Directory Manager password:
Cannot find <ipa3> in public server list
It is looking for the list of masters in cn=masters,cn=ipa,cn=etc,dc=example,dc=com. I'd search that to see what is there.
A plain ipa-replica-manage list will list all masters and IIRC they do show.
From the replica-master server recently made with IPA v4.6.5 - <ipa3> - I ran and received the following responses: NOTE: using aliases within arrow points for ambiguation.
[<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa1>' [sudo] password for <user>: Unknown host <ipa1>: Host '<ipa1>' does not have corresponding DNS A/AAAA record
[<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa2>' Directory Manager password:
Unknown host ipa-r02: Host 'ipa-r02' does not have corresponding DNS A/AAAA record
[<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa3>' Directory Manager password:
Unknown host ipa03: Host 'ipa03' does not have corresponding DNS A/AAAA record
Try adding --no-lookup to the command to skip the lookup.
rob
Steven Auerbach Assistant Director of Information Systems Information Technology & Security State University System of Florida Board of Governors 325 W. Gaines Street, Suite 1625 Tallahassee, Florida 32399 (850) 245-9592 Steven.auerbach@flbog.edu
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
When I add the --no-lookup option on the v4.6.4 ipa server I get the same results I received on the v3.0.0 server: " Cannot find ipa<#> in public server list"
If I cannot even verify these servers in the group, how am I supposed to test the integrity of current inter-version replication? And how will I ever migrate the whole directory and all the inter-related services of IPA to two new servers of version 4.6.4? The functions do not appear to work as documented, and my trust that the command operations will behave as documented is really shaken.
Is my best option to build a new IPA server pair in version 4.6.4 and de-enroll all the clients and users from the older v3.0.0 IPA and then enroll them into the v4.6.4 IPA?
-----Original Message----- From: Rob Crittenden rcritten@redhat.com Sent: Monday, August 5, 2019 5:16 PM To: FreeIPA users list freeipa-users@lists.fedorahosted.org Cc: Auerbach, Steven Steven.Auerbach@flbog.edu Subject: Re: [Freeipa-users] Re: Replacing IPA v3.0.0-51 on OEL6 with IPA v4.6.4-10 on OEL7: Making the newest replica the master
Auerbach, Steven via FreeIPA-users wrote:
From the master-master original IPA v3.0.0 server - <ipa1> - I ran and received the following responses: NOTE: using aliases within arrow points for ambiguation.
[<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa1>' [sudo] password for <user>: Cannot find <ipa1> in public server list
[<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa2>' Directory Manager password:
Cannot find <ipa2> in public server list
[<user>@<ipa1> ~]$ sudo ipa-replica-manage list -v '<ipa3>' Directory Manager password:
Cannot find <ipa3> in public server list
It is looking for the list of masters in cn=masters,cn=ipa,cn=etc,dc=example,dc=com. I'd search that to see what is there.
A plain ipa-replica-manage list will list all masters and IIRC they do show.
From the replica-master server recently made with IPA v4.6.5 - <ipa3> - I ran and received the following responses: NOTE: using aliases within arrow points for ambiguation.
[<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa1>' [sudo] password for <user>: Unknown host <ipa1>: Host '<ipa1>' does not have corresponding DNS A/AAAA record
[<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa2>' Directory Manager password:
Unknown host ipa-r02: Host 'ipa-r02' does not have corresponding DNS A/AAAA record
[<user>@<ipa3> ~]$ sudo ipa-replica-manage list -v '<ipa3>' Directory Manager password:
Unknown host ipa03: Host 'ipa03' does not have corresponding DNS A/AAAA record
Try adding --no-lookup to the command to skip the lookup.
rob
Steven Auerbach Assistant Director of Information Systems Information Technology & Security State University System of Florida Board of Governors 325 W. Gaines Street, Suite 1625 Tallahassee, Florida 32399 (850) 245-9592 Steven.auerbach@flbog.edu
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs .fedoraproject.org%2Fen-US%2Fproject%2Fcode-of-conduct%2F&data=02% 7C01%7CSteven.Auerbach%40flbog.edu%7C4f2f8ff3a0be4ddb3c8d08d719ea0d02% 7C63bf107bcb6f41738c1c1406bb5cb794%7C0%7C0%7C637006365346901243&sd ata=Cxz0ohxpRe51I%2FSImlMCpbkmVKehGKn%2BzcBzbQaUS5E%3D&reserved=0 List Guidelines: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedo raproject.org%2Fwiki%2FMailing_list_guidelines&data=02%7C01%7CStev en.Auerbach%40flbog.edu%7C4f2f8ff3a0be4ddb3c8d08d719ea0d02%7C63bf107bc b6f41738c1c1406bb5cb794%7C0%7C0%7C637006365346911237&sdata=GWg7INn f%2FptaoK5HoSjC62DsshZ0VoF%2BHieWgFOxkGg%3D&reserved=0 List Archives: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flist s.fedorahosted.org%2Farchives%2Flist%2Ffreeipa-users%40lists.fedorahos ted.org&data=02%7C01%7CSteven.Auerbach%40flbog.edu%7C4f2f8ff3a0be4 ddb3c8d08d719ea0d02%7C63bf107bcb6f41738c1c1406bb5cb794%7C0%7C0%7C63700 6365346911237&sdata=F6pb9RhzSs7Yd%2BJGLoPN%2BYnlZ7f%2F1IZJfTXwZlnh d5k%3D&reserved=0
freeipa-users@lists.fedorahosted.org