With replica promotion patches I'm not able to uninstall server/client when installation failed:
... [2015-10-29T12:55:30Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: [23/43]: enabling SASL mapping fallback [2015-10-29T12:55:30Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: [24/43]: restarting directory server [2015-10-29T12:55:32Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: [25/43]: creating DS keytab [2015-10-29T12:55:33Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: [error] DNSNotARecordError: Host does not have corresponding DNS A/AAAA record [2015-10-29T12:55:33Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: ipa.ipapython.install.cli.install_tool(Replica): ERROR Host does not have corresponding DNS A/AAAA record [2015-10-29T12:55:33Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [2015-10-29T12:55:33Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: Your system may be partly configured. [2015-10-29T12:55:33Z ipa.ipatests.test_integration.host.Host.replica1.cmd25] <DEBUG>: Run /usr/sbin/ipa-server-install --uninstall to clean up.
Trying to uninstall replica.
[root@replica1 ~]# ipa-client-install --uninstall IPA client is configured as a part of IPA server on this system. Refer to ipa-server-install for uninstallation. [root@replica1 ~]# ipa-server-install --uninstall This is a NON REVERSIBLE operation and will delete all data and configuration! Are you sure you want to continue with the uninstall procedure? [no]: y ipa : ERROR Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Cannot contact any KDC for realm 'IPA.TEST') ipa.ipapython.install.cli.uninstall_tool(Server): ERROR 'KRB5CCNAME' ipa.ipapython.install.cli.uninstall_tool(Server): ERROR The ipa-server-install command failed. See /var/log/ipaserver-uninstall.log for more information
Replica is not uninstalled
[root@replica1 ~]# cat /etc/ipa/default.conf #File modified by ipa-client-install [global] basedn = dc=ipa,dc=test realm = IPA.TEST domain = ipa.test server = master.ipa.test host = replica1.ipa.test xmlrpc_uri = https://master.ipa.test/ipa/xml enable_ra = True
Workaround is to add this line into /etc/ipa/default.conf
ldap_uri=ldapi://%2fvar%2frun%2fslapd-IPA-TEST.socket
After that uninstallation works.
Unistall should not be blocked by missing entry in default.conf
I reproduced it when installation failed on:
Configuring directory server (dirsrv). Estimated time: 1 minute [1/43]: creating directory server user [2/43]: creating directory server instance ipa : CRITICAL failed to create ds instance Command ''/usr/sbin/setup-ds.pl' '--silent' '--logfile' '-' '-f' '/tmp/tmp4Wndgz'' returned non-zero exit status 1 [3/43]: restarting directory server [4/43]: adding default schema [5/43]: enabling memberof plugin [error] ACIError: Insufficient access: Invalid credentials Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up.
Issue is that the default.conf is a client conf, not a server.
master:
Metadata Update from @mbasti: - Issue assigned to mbabinsk - Issue set to the milestone: FreeIPA 4.3
Login to comment on this ticket.