[Freeipa-devel] [PATCH 0010] KeyError raised upon replica installation
Martin Kosek
mkosek at redhat.com
Tue Jun 2 15:16:00 UTC 2015
On 06/02/2015 05:08 PM, Ludwig Krispenz wrote:
>
> On 06/02/2015 03:53 PM, Petr Vobornik wrote:
>> On 06/02/2015 02:20 PM, Ludwig Krispenz wrote:
>>>
>>> On 06/02/2015 12:09 PM, Oleg Fayans wrote:
>>>> Hi all,
>>>>
>>>> The following error was caught during replica installation (I used all
>>>> the latest patches from Ludwig and Martin Basti):
>>
>> - except ldap.TYPE_OR_VALUE_EXISTS:
>> + except (ldap.TYPE_OR_VALUE_EXISTS, ldap.NO_SUCH_OBJECT):
>>
>> What happens if all replicas are updated and domain level is raised? I don't
>> think that the group will be populated. Or will it be? Without it, topology
>> plugin won't work, right?
> good point,
> it will be limited, when adding a new segment a replication agreement will be
> created, but it will not have the credentials to replicate.
>>
>> There should be a moment where all the DNs are added.
> yes, there could probably be a check when topology plugin gets active if the
> binddn group exists and if not create and populate it
Should we finally start maintaining by default IPA Masters hostgroup? *That*
should be the BIND DN group which Topology plugins works with, no? If this
group is populated from FreeIPA 4.2+, raising to Domain Level 1 would mean no
operation needed on FreeIPA side.
This is part of the ticket
https://fedorahosted.org/freeipa/ticket/3416
This looks as another change that should make it to the Alpha, no?
Martin
More information about the Freeipa-devel
mailing list