<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFFF"> <div class="moz-cite-prefix">On 07/25/2014 01:46 AM, Anthony Messina wrote: </div> <blockquote cite="mid:9995266.x8tqsJ07Iq@linux-ws1.messinet.com" type="cite"> <pre wrap="">On Thursday, July 24, 2014 08:44:34 AM Martin Kosek wrote: </pre> <blockquote type="cite"> <pre wrap="">On 07/23/2014 06:38 PM, Anthony Messina wrote: </pre> <blockquote type="cite"> <pre wrap="">On Monday, July 21, 2014 01:09:43 PM Ludwig Krispenz wrote: </pre> <blockquote type="cite"> <pre wrap="">Looks like the schema file was changed, but not added to the list of files to be replaced at upgrade, I will open a 389 ticket and have it in the next release. Could you try t copy file manually for now ? </pre> </blockquote> <pre wrap=""> Manually copying the file from /etc/dirsrv/schema/10dna-plugin.ldif to /etc/dirsrv/slapd-EXAMPLE-COM/schema/10dna-plugin.ldif on both of my IPA masters and restarting seems to have eliminated the error. Is there anything else that needs to be done? </pre> </blockquote> <pre wrap=""> That should be all. BTW, the schema upgrade error is now fixed in <a class="moz-txt-link-freetext" href="https://admin.fedoraproject.org/updates/389-ds-base-1.3.2.20-1.fc20">https://admin.fedoraproject.org/updates/389-ds-base-1.3.2.20-1.fc20</a> </pre> </blockquote> <pre wrap=""> With that update, my dirsrv error logs on both of my masters are flooded with the following errors. Issuing 'ipactl restart' several times seems to reduce the incidence: - Connection is NULL and hence cannot access SLAPI_CONN_ID</pre> </blockquote> Sorry about that - this will be fixed in 1.3.2.21. <blockquote cite="mid:9995266.x8tqsJ07Iq@linux-ws1.messinet.com" type="cite"> <pre wrap=""> Also, I'm not sure if it's related to the above error, but the following are what I find related to the originally reported dnaremotebindmethod issue after upgrading both of my masters. Should the dnaRemoteBindMethod and dnaRemoteConnProtocol have something other than (null) as a value? Should they be the same on each master? ~]# ldapsearch -Y GSSAPI -LLL -s sub -b cn=posix- ids,cn=dna,cn=ipa,cn=etc,dc=example,dc=com SASL/GSSAPI authentication started SASL username: <a class="moz-txt-link-abbreviated" href="mailto:admin@EXAMPLE.COM">admin@EXAMPLE.COM</a> SASL SSF: 56 SASL data security layer installed. dn: cn=posix-ids,cn=dna,cn=ipa,cn=etc,dc=example,dc=com objectClass: nsContainer objectClass: top cn: posix-ids dn: dnaHostname=ipa1.example.com+dnaPortNum=389,cn=posix-ids,cn=dna,cn=ipa,cn =etc,dc=example,dc=com objectClass: dnaSharedConfig objectClass: top dnaHostname: ipa1.example.com dnaPortNum: 389 dnaSecurePortNum: 636 dnaRemainingValues: 199972 dnaRemoteBindMethod: (null) dnaRemoteConnProtocol: (null)</pre> </blockquote> This looks wrong. Please file a ticket. <blockquote cite="mid:9995266.x8tqsJ07Iq@linux-ws1.messinet.com" type="cite"> <pre wrap=""> dn: dnaHostname=ipa2.example.com+dnaPortNum=389,cn=posix-ids,cn=dna,cn=ipa,cn =etc,dc=example,dc=com objectClass: dnaSharedConfig objectClass: top dnaHostname: ipa2.example.com dnaPortNum: 389 dnaSecurePortNum: 636 dnaRemainingValues: 0 </pre> <fieldset class="mimeAttachmentHeader"></fieldset> </blockquote> </body> </html>