Hi there, Same issue for me in a my 15 ipa-servers multi-master grid just after the update. The replication is completely broken except on 3/15 nodes.
This is the second time I have to fully reinitialize the whole cluster for similar reason. I don't know what to do to clean this mess... For more information: this cluster has been initialized on a fedora 4.1.4 more than one year ago then complemetely migrated to Centos 7, IPA 4.2. Example on fr-master03 error logs: [25/Sep/2016:19:27:31 +0000] NSMMReplicationPlugin - changelog program - agmt="cn=meTofr-master01.domain" (fr-master01:389): CSN 57e3ffcc0003001a0000 not found, we aren't as up to date, or we purged [25/Sep/2016:19:27:31 +0000] NSMMReplicationPlugin - agmt="cn=meTofr-master01.domain" (fr-master01:389): Data required to update replica has been purged. The replica must be reinitialized. [25/Sep/2016:19:27:31 +0000] NSMMReplicationPlugin - agmt="cn=meTofr-master01.domain" (fr-master01:389): Incremental update failed and requires administrator action ipa: INFO: The ipactl command was successful [25/Sep/2016:19:27:35 +0000] agmt="cn=meTofr-master02.domain" (fr-master02:389) - Can't locate CSN 57e3ffcc0003001a0000 in the changelog (DB rc=-30988). If replication stops, the consumer may need to be reinitialized. [25/Sep/2016:19:27:35 +0000] NSMMReplicationPlugin - changelog program - agmt="cn=meTofr-master02.domain" (fr-master02:389): CSN 57e3ffcc0003001a0000 not found, we aren't as up to date, or we purged [25/Sep/2016:19:27:35 +0000] NSMMReplicationPlugin - agmt="cn=meTofr-master02.domain" (fr-master02:389): Data required to update replica has been purged. The replica must be reinitialized. [25/Sep/2016:19:27:35 +0000] NSMMReplicationPlugin - agmt="cn=meTofr-master02.domain" (fr-master02:389): Incremental update failed and requires administrator action Regards, -- Youenn Piolet [email protected] 2016-09-23 17:51 GMT+02:00 Mike Driscoll <[email protected]>: > Hello. I have four IPA servers replicating in full mesh. All four > servers are running ipa-server-4.2.0-15.0.1.el7_2.19.x86_64. > > This was working for some time but now I see that no replication is > occurring automatically at present. > > When I update a user attribute on an IPA server, I see errors like these: > [22/Sep/2016:16:53:49 -0700] attrlist_replace - attr_replace > (nsslapd-referral, ldap://ldap03.xx.com:389/o%3Dipaca) failed. > [22/Sep/2016:16:58:56 -0700] NSMMReplicationPlugin - agmt="cn= > masterAgreement1-ldap03.xx.com <http://masteragreement1-ldap03.xx.com> > -pki-tomcat" (ldap03:389): Incremental update failed and requires > administrator action > > I can reinitialize without errors. > ipa-csreplica-manage re-initialize --from=ldap01.xx.com > <http://ldap04.us.oracle.com> > ipa-replica-manage re-initialize --from=ldap01.xx.com > Afterwards I see my attribute (and other) changes are replicated on each > server I re-initialize from. But subsequently, replication doesn’t seem to > be happening. > > I reinitialized according to the steps in Table 8.7, “Replication Errors”, > but subsequent replication isn’t occurring. Any suggestions? Is it safe > to identify one of my four servers as containing up-to-date data, then > sever and reinstate replication relationships with the other three? > > Mike > > > > > > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
