<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 21.12.2016 12:08, Ludwig Krispenz
wrote:<br>
</div>
<blockquote cite="mid:585A6298.5060901@redhat.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<br>
<div class="moz-cite-prefix">On 12/21/2016 05:11 AM, Ian Chen
wrote:<br>
</div>
<blockquote
cite="mid:CAO1fV-ciXa6qLbZaeiMXDmKOj+kb6KmgmXkRB6E4m5Bu_1WniQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>hello list,<br>
<br>
</div>
I tried to search for answer, but not solution come up
yet. please help.<br>
</div>
<br>
</div>
the setup with multiple nodes has IPA version:<br>
ipa-server-4.1.0-18.el7.centos.4.x86_64<br>
<br>
<br>
</div>
<div>after adding a replication with an old node, replicaiton
conflict occured.<br>
<br>
---- node104<br>
dn:
nsuniqueid=5820a804-af9211e6-bbce8d9c-0794b841+uid=test2,cn=users,cn=acco<br>
unts,dc=...<br>
uid: test2<br>
nsds5ReplConflict: namingConflict
uid=test2,cn=users,cn=accounts,dc=...<br>
krbPrincipalName: test2@...<br>
krbLastPwdChange: 20161220054653Z<br>
krbPasswordExpiration: 20170320054653Z<br>
ipaUniqueID: 606b2260-af92-11e6-a928-0050568faf9d<br>
<br>
<br>
---- node203<br>
dn: uid=test2,cn=users,cn=accounts,dc=...<br>
uid: test2<br>
krbPrincipalName: test2@...<br>
krbLastPwdChange: 20161220054653Z<br>
krbPasswordExpiration: 20170320054653Z<br>
ipaUniqueID: 606b2260-af92-11e6-a928-0050568faf9d<br>
<br>
<br>
</div>
<div>I tried rename RDN following this<br>
<a moz-do-not-send="true"
href="https://mkosek.fedorapeople.org/publican_site/en-US/FreeIPA/3.4/html/FreeIPA_Guide/ipa-replica-manage.html">https://mkosek.fedorapeople.org/publican_site/en-US/FreeIPA/3.4/html/FreeIPA_Guide/ipa-replica-manage.html</a><br>
</div>
</div>
</blockquote>
</blockquote>
<br>
hello,<br>
<br>
guide ^ is deprecated, please use the
<a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html</a><br>
<br>
For replication conflict is useful this guide
<a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html">https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html</a><br>
<br>
Martin<br>
<br>
<blockquote cite="mid:585A6298.5060901@redhat.com" type="cite">
<blockquote
cite="mid:CAO1fV-ciXa6qLbZaeiMXDmKOj+kb6KmgmXkRB6E4m5Bu_1WniQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div> <br>
</div>
<div>but when trying to delete uid, then change RDN back to
uid, there is this error<br>
<br>
modifying entry "cn=TempValue,cn=users,cn=accounts,dc=..."<br>
ldap_modify: Object class violation (65)<br>
additional info: missing attribute "uid" required by
object class "posixAccount"<br>
<br>
</div>
<div>I cannot delete object class posixAccount then add it
back<br>
</div>
</div>
</blockquote>
I cannot see which commands you really tried to execute and
failed, so could you provide the full log of what you did if you
want to follow the steps in the IPA doc.<br>
<br>
But I do not think that you need to go thru the MOD/MODRDN/...
sequence if you do not want to keep both entries. If a conflict
arises, one entry keeps the original dn, the other gets a dn with
"nsuniquid=....+..." and the nsds5ReplConflict attribute. you can
check the entries and inmost cases you just want to keep the
"original" and just delete the conflict entry<br>
<blockquote
cite="mid:CAO1fV-ciXa6qLbZaeiMXDmKOj+kb6KmgmXkRB6E4m5Bu_1WniQ@mail.gmail.com"
type="cite"> <br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Red Hat GmbH, <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.de.redhat.com/">http://www.de.redhat.com/</a>, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric Shander</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>