https://bugzilla.redhat.com/show_bug.cgi?id=823657 (Red Hat Enterprise Linux 6)
Description of problem: After deleting a replica, an attempt to connect to it should return an expected error message. If the connect is run without a kerberos ticket (like after a kdestroy), or with the -p to indicate password on command line, it does. If run with a ticket that has the old server's info still listed, it fails with a GSSAPI error. Version-Release number of selected component (if applicable): ipa-server-2.2.0-14.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. <setup ipa master> 2. <setup ipa replica> 3. ipa-replica-manage del $SLAVE # on master 4. ipa-replica-manage connect $SLAVE Actual results: [root@spoore-dvm1 slapd-TESTRELM-COM]# ipa-replica-manage connect spoore-dvm2.testrelm.com SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server ldap/spoore-dvm2.testrelm.com@TESTRELM.COM not found in Kerberos database) Expected results: I would expect to see the same error message that I see here: [root@kvm-guest-05 log]# ipa-replica-manage connect qe-blade-11.testrelm.com Directory Manager password: You cannot connect to a previously deleted master Additional info:
Metadata Update from @dpal: - Issue assigned to tbabej - Issue set to the milestone: FreeIPA 3.0 RC2
Login to comment on this ticket.