When removing a CA replica from a domain level topology, the {{{ipa-csreplica-manage del}}} command fails during cleanup of DNS entries:
{{{
ipa-csreplica-manage del replica1.ipa.test
Directory Manager password:
Deleted replication agreement from 'master1.ipa.test' to 'replica1.ipa.test'
Failed to cleanup replica1.ipa.test DNS entries: ldap2 is already connected (ldap2_140545865874192 in MainThread)
}}}
The problem is that there are actually two connection attempts to the ldap2 backend in the code, which results in the connection error:
in main() (line 444):
{{{
options.dirman_passwd = dirman_passwd

api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')),
                          bind_pw=options.dirman_passwd)

if args[0] == "list":
    replica = None
...
}}}
in del_master() (line 288):
{{{
# 7. And clean up the removed replica DNS entries if any.
try:
    if bindinstance.dns_container_exists(options.host, api.env.basedn,
                                         dm_password=options.dirman_passwd):
        api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')),
                                  bind_pw=options.dirman_passwd)
        bind = bindinstance.BindInstance()
        bind.remove_ipa_ca_dns_records(hostname, realm.lower())
...
}}}
introduced in 4.3: 6119dbb
master:
ipa-4-3:
Metadata Update from @mbabinsk:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.3.1
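The double connect described in this ticket, reproduced as an added example that is not FreeIPA code and not the project's fix. `ConnectOnceBackend`, the cleanup functions and `run_from_main` are hypothetical stand-ins, and the bind DN and password are constructed; the guarded variant shows one way to reuse a connection the caller already holds.

```python
import threading

DM_DN = "cn=Directory Manager"  # constructed sample bind DN

class ConnectOnceBackend:
    """Hypothetical stand-in for a backend allowing one connection per thread."""

    def __init__(self, name="ldap2"):
        self.name = name
        self._local = threading.local()

    def isconnected(self):
        return getattr(self._local, "bound_as", None) is not None

    def connect(self, bind_dn, bind_pw):
        if self.isconnected():
            raise RuntimeError("%s is already connected (%s in %s)" % (
                self.name, self.name, threading.current_thread().name))
        self._local.bound_as = bind_dn  # model only: the password is not kept

    def disconnect(self):
        self._local.bound_as = None

def cleanup_unguarded(backend, bind_pw):
    """Connects unconditionally, like the del_master() excerpt in the ticket."""
    try:
        backend.connect(DM_DN, bind_pw)
        return "DNS entries cleaned"
    except RuntimeError as e:
        return "Failed to cleanup DNS entries: %s" % e

def cleanup_guarded(backend, bind_pw):
    """Reuses the caller's connection; closes only one it opened itself."""
    opened_here = not backend.isconnected()
    if opened_here:
        backend.connect(DM_DN, bind_pw)
    try:
        return "DNS entries cleaned"
    finally:
        if opened_here:
            backend.disconnect()

def run_from_main(cleanup, pw="constructed-password"):
    """Connects first, as main() does, then runs the given cleanup step."""
    backend = ConnectOnceBackend()
    backend.connect(DM_DN, pw)
    result = cleanup(backend, pw)
    return result, backend.isconnected()
```

Tracking `opened_here` keeps the cleanup step from closing a connection that later steps in the caller still rely on.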