Hey all,

I am using IPA for my DNS and have 3 total servers in the group.  2 of them are responding to queries just fine, but the 3rd (which is bare metal, not a VM like the others) is not resolving the queries issued to it.  Running ipactl status returns all services running:

[root@ipa3 /]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
ntpd Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
ipa: INFO: The ipactl command was successful

We tried restarting the services, but that didn't change anything. Next we tried to do a forced sync of the server with one of its working replicas:

ipa-replica-manage force-sync --from ipa1.example.com

We also tried re-initializing the non-working replica:

ipa-replica-manage re-initialize --from ipa1.example.com

However, it still won't resolve any queries directed to it.  Any ideas of what to try next?
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry