#6134 Command "ipa-replica-prepare" not allowed to create line replication topology
Closed: Fixed None Opened 7 years ago by gkaihoro.

Unable to set up line topology under domain-0 (master branch). When I try to prepare a gpg file for the second replica on the first replica machine, I get the error message: "The replica must be created on the primary IPA server."

[2016-07-26T04:59:37Z ipa.ipatests.test_integration.host.Host.vm-191.ParamikoTransport] <INFO>: RUN ['ipa', 'dnszone-show', 'abc.idm.lab.eng.brq.redhat.com']
[2016-07-26T04:59:37Z ipa.ipatests.test_integration.host.Host.vm-191.cmd24] <DEBUG>: RUN ['ipa', 'dnszone-show', 'abc.idm.lab.eng.brq.redhat.com']
[2016-07-26T04:59:39Z ipa.ipatests.test_integration.host.Host.vm-191.cmd24] <DEBUG>: ipa: ERROR: abc.idm.lab.eng.brq.redhat.com.: DNS zone not found
[2016-07-26T04:59:39Z ipa.ipatests.test_integration.host.Host.vm-191.cmd24] <DEBUG>: Exit code: 2
[2016-07-26T04:59:39Z ipa.ipatests.test_integration.host.Host.vm-191.ParamikoTransport] <INFO>: RUN ['ipa-replica-prepare', '-p', 'Secret123', 'vm-058-214.abc.idm.lab.eng.brq.redhat.com']
[2016-07-26T04:59:39Z ipa.ipatests.test_integration.host.Host.vm-191.cmd25] <DEBUG>: RUN ['ipa-replica-prepare', '-p', 'Secret123', 'vm-058-214.abc.idm.lab.eng.brq.redhat.com']
[2016-07-26T04:59:42Z ipa.ipatests.test_integration.host.Host.vm-191.cmd25] <DEBUG>: If you installed IPA with your own certificates using PKCS#12 files you must provide PKCS#12 files for any replicas you create as well.
[2016-07-26T04:59:42Z ipa.ipatests.test_integration.host.Host.vm-191.cmd25] <DEBUG>: The replica must be created on the primary IPA server.
[2016-07-26T04:59:42Z ipa.ipatests.test_integration.host.Host.vm-191.cmd25] <DEBUG>: The ipa-replica-prepare command failed.
ipa: ERROR: Exit code: 1
[2016-07-26T04:59:42Z ipa.ipatests.test_integration.host.Host.vm-191.cmd25] <ERROR>: Exit code: 1

The usage is invalid but the error message is sooo confusing that we decided to fix it.

Two parts to fix:

  • error message -acked patch on the list
  • tests

master:

  • 503d096 Fix ipa-replica-prepare's error message about missing local CA instance

ipa-4-3:

  • fedee72 Fix ipa-replica-prepare's error message about missing local CA instance

Leaving ticket open until tests are fixed

master:

  • 64c5340 Fix for integration tests replication layouts

ipa-4-3:

  • 0412cd3 Fix for integration tests replication layouts

Metadata Update from @gkaihoro:
- Issue assigned to gkaihoro
- Issue set to the milestone: FreeIPA 4.3.3

7 years ago

Login to comment on this ticket.

Metadata