Re: [389-users] duplicate replica id detected - can I remove replicas?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 08/10/2011 11:00 PM, Amos Shapira wrote:
Some more research after I sent my question (narrower search terms) found the following bug and fix:

https://bugzilla.redhat.com/show_bug.cgi?id=624442

The package I use is centos-ds-base-8.1.0-0.14.el5.centos.2

Does this mean that this is a bug in the package I have and I should just use different replication id's?
Or can I still somehow clear the tombstones?
You might be able to use db2ldif -r to dump the database along with the replication meta data, then edit the LDIF file to remove the bogus data, then ldif2db to reload your database from the LDIF file.

Thanks,

--Amos

On 11 August 2011 14:55, <389-users-owner@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
You are not allowed to post to this mailing list, and your message has
been automatically rejected.  If you think that your messages are
being rejected in error, contact the mailing list owner at
389-users-owner@xxxxxxxxxxxxxxxxxxxxxxx.



---------- Forwarded message ----------
From: Amos Shapira <amos.shapira@xxxxxxxxx>
To: "General discussion list for the 389 Directory server project." <389-users@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 11 Aug 2011 14:55:08 +1000
Subject: duplicate replica id detected - can I remove replicas?
Hello,

I've deleted old replication agreements and setup new ones as part of server reshuffling (previous consumers turned into multi-masters).

I'm following the instructions in http://directory.fedoraproject.org/wiki/Howto:WalkthroughMultimasterSSL which look like a shorter summary of the official documentation.

When I finally click on the "Inisitalize consumer" I get a pop-up about duplicate replicas existing.

The replica numbers on the servers are "4" (on the supplier I intend to initialise from) and "3" (on the intended consumer).

I followed instructions given in this forum earlier to list replicas on both servers and these are the results:

# ./ldapsearch -x -b 'nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,dc=company' -D 'cn=Directory Manager' -w ******* -h cunsumers-ip-addr -s base objectclass=nstombstone
version: 1
dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,dc=company
objectClass: top
objectClass: nsTombstone
objectClass: extensibleobject
nsds50ruv: {replicageneration} 4a679e1c000000010000
nsds50ruv: {replica 3 ldap://directory2:389
 }
nsds50ruv: {replica 1 ldap://directory5:389} 4a679ebf000000010000
 4e30ce4e000200010000
nsds50ruv: {replica 65535 ldap://directory2:389} 4e323b300000ffff0000 4e4026ef0000ffff0000
dc: company
nsruvReplicaLastModified: {replica 3 ldap://directory2:389} 00000000
nsruvReplicaLastModified: {replica 1 ldap://directory5:389} 000000
 00
nsruvReplicaLastModified: {replica 65535 ldap://directory2:389} 4e4026d9

# ./ldapsearch -x -b 'nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,dc=company' -D 'cn=Directory Manager' -w ******** -s base objectclass=nstombstone
version: 1
dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,dc=company
objectClass: top
objectClass: nsTombstone
objectClass: extensibleobject
nsds50ruv: {replicageneration} 4a679e1c000000010000
nsds50ruv: {replica 3 ldap://directory2:389}
nsds50ruv: {replica 1 ldap://directory5:389} 4a679ebf000000010000
 4e30ce4e000200010000
nsds50ruv: {replica 65535 ldap://directory2:389} 4e4026ef0000ffff0000
dc: company
nsruvReplicaLastModified: {replica 3 ldap://directory2:389} 00000000
nsruvReplicaLastModified: {replica 1 ldap://directory5:389} 4e30ce
 27
nsruvReplicaLastModified: {replica 65535 ldap://directory2:389} 4e4026da

directory1 is the server I'm running the query on and is the intended initialising supplier.
directory2 is the server I'm trying to initialize.
directory1 and directory2 are the servers I intend to be the new multi-masters. I configured them to use LDAPS on port 636 with certificates.
directory5 is one of the two older multi-masters (the old multi-masters haven't been configured corretly, I guess that's why we don't see a second replica from the old multi-master pair).

Is there a way for me to remove the old replicas or must I just pick new replica numbers for the new multi-masters?

In case this matters - I'm configuring things through a centos-idm-console which I copied to my Ubuntu desktop in another location and accessing the DC over VPN. I have direct access from my desktop to ports 636 and 389 on both servers. When I setup the replication agreement the console complains that it can't validate the connection but I suspect this is related to it not having access to the cert8.db file (https://bugzilla.redhat.com/show_bug.cgi?id=200989).

Thanks,

--Amos



--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux