How to reproduce: 1. Install IPA master 2. Prepare and install replica 3. ipa-replica-manage re-initialize works 4. ipa-replica-manage del on the master 5. Uninstall the replica server 6. Install replica from the original gpg file again 7. ipa-replica-manage re-initialize doesn't work
The re-initialization in the second case fails with this error: [vm-033.idm.lab.bos.redhat.com] reports: Update failed! Status: [49 - LDAP error: Invalid credentials]
I traced it somewhere in the __lateinit function which calls getEntry (ipaserver/ipaldap.py:362), but the search in getEntry fails for some reason.
Did you do a kinit to admin or are you using the DM password?
Did you install with dogtag or with --selfsign?
I tried both kinit and DM password. Installation was with --selfsign.
does replication work right after the second replica install ?
I just tested it again to be sure. It does work.
Restarting the master dirsrv after uninstalling the replica resolves this. I wonder if the master is caching the principal of the replica somewhere.
attachment freeipa-rcrit-790-replica.patch
master: 5288bdb
ipa-2-0: d6c078e
Metadata Update from @jzeleny: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.1 - 2011/05
Login to comment on this ticket.