https://bugzilla.redhat.com/show_bug.cgi?id=754739
Description of problem: When a master server and replica are installed, ipa-replica-manage list will list the 2 servers in the topology. But when replica is uninstalled, it is still listed. This can lead to lost time (possibly, not proven) or other unwanted issues when master attempts to replicate its data to rest of the servers, and cannot reach this uninstalled replica If a ipa-replica-manage del is done before uninstalling, this replica will not be listed. Seeing this behaviour in ipa-csreplica-manage as well. Version-Release number of selected component (if applicable): ipa-server-2.1.3-9.el6.x86_64 How reproducible: always Steps to Reproduce: 1. install master, replica 2. ipa-replica-manage list - will list both servers 3. uninstall replica 4. ipa-replica-manage list Actual results: will list both servers Expected results: should list only master Additional info:
Add optional credential support so we can delete any agreements ourselves.
Or perhaps bind using 389-ds keytab or autobind to find the agreements that need to be deleted.
Rob will make sure this is documented. For now we do not have means to securely connect to other replicas and remove agreements when replica is uninstalled. Until such functionality is available this ticket should be deferred.
ipa-replica-manage del step was missing, see
ipa-replica-manage del
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/removing-replica.html
Given the FreeIPA behaves as designed, closing this ticket.
Updating resolution to invalid.
Metadata Update from @dpal: - Issue assigned to rcritten - Issue set to the milestone: Tickets Deferred
Login to comment on this ticket.