Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1157735
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Description of problem: ipa-csreplica-manage connect fails Version-Release number of selected component (if applicable): ipa-server-3.3.3-28.el7.x86_64 How reproducible: 100% Steps to Reproduce: When trying to setup replica1 which has CA setup & replica2 which also has CA setup with ipa-csreplica-manage it fails. Actual results: It fails with: replica1 does not have a CA configured. Expected results: It should create replication agreement between o=ipaca
Rob found the root cause:
Looks like it's been this way since the beginning. On a box I switched this to a base search and was able to make the connection: # ipa-csreplica-manage connect replica2 Directory Manager password: Starting replication, please wait until this has completed. Update in progress, 5 seconds elapsed Update succeeded Connected 'replica1' to 'replica2' The following change is needed: diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica -manage index c534446..6f6c6c7 100755 --- a/install/tools/ipa-csreplica-manage +++ b/install/tools/ipa-csreplica-manage @@ -303,7 +303,7 @@ def add_link(realm, replica1, replica2, dirman_passw d, options): dn = DN(('cn', 'CA'), ('cn', replica2), ('cn', 'masters'), ('cn', 'ipa' ), ('cn', 'etc'), ipautil.realm_to_suffix(realm)) - conn.get_entries(dn, conn.SCOPE_ONELEVEL) + conn.get_entries(dn, conn.SCOPE_BASE) conn.unbind() except errors.NotFound: sys.exit('%s does not have a CA configured.' % replica2)
master:
ipa-4-1:
Metadata Update from @mkosek: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 4.1.2
Login to comment on this ticket.