<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <p><br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 21.12.2016 12:08, Ludwig Krispenz
      wrote:<br>
    </div>
    <blockquote cite="mid:585A6298.5060901@redhat.com" type="cite">
      <meta content="text/html; charset=windows-1252"
        http-equiv="Content-Type">
      <br>
      <div class="moz-cite-prefix">On 12/21/2016 05:11 AM, Ian Chen
        wrote:<br>
      </div>
      <blockquote
cite="mid:CAO1fV-ciXa6qLbZaeiMXDmKOj+kb6KmgmXkRB6E4m5Bu_1WniQ@mail.gmail.com"
        type="cite">
        <div dir="ltr">
          <div>
            <div>
              <div>
                <div>hello list,<br>
                  <br>
                </div>
                I tried to search for answer, but not solution come up
                yet. please help.<br>
              </div>
              <br>
            </div>
            the setup with multiple nodes has IPA version:<br>
            ipa-server-4.1.0-18.el7.centos.4.x86_64<br>
            <br>
            <br>
          </div>
          <div>after adding a replication with an old node, replicaiton
            conflict occured.<br>
            <br>
            ---- node104<br>
            dn:
nsuniqueid=5820a804-af9211e6-bbce8d9c-0794b841+uid=test2,cn=users,cn=acco<br>
             unts,dc=...<br>
            uid: test2<br>
            nsds5ReplConflict: namingConflict
            uid=test2,cn=users,cn=accounts,dc=...<br>
            krbPrincipalName: test2@...<br>
            krbLastPwdChange: 20161220054653Z<br>
            krbPasswordExpiration: 20170320054653Z<br>
            ipaUniqueID: 606b2260-af92-11e6-a928-0050568faf9d<br>
            <br>
            <br>
            ---- node203<br>
            dn: uid=test2,cn=users,cn=accounts,dc=...<br>
            uid: test2<br>
            krbPrincipalName: test2@...<br>
            krbLastPwdChange: 20161220054653Z<br>
            krbPasswordExpiration: 20170320054653Z<br>
            ipaUniqueID: 606b2260-af92-11e6-a928-0050568faf9d<br>
            <br>
            <br>
          </div>
          <div>I tried rename RDN following this<br>
            <a moz-do-not-send="true"
href="https://mkosek.fedorapeople.org/publican_site/en-US/FreeIPA/3.4/html/FreeIPA_Guide/ipa-replica-manage.html">https://mkosek.fedorapeople.org/publican_site/en-US/FreeIPA/3.4/html/FreeIPA_Guide/ipa-replica-manage.html</a><br>
          </div>
        </div>
      </blockquote>
    </blockquote>
    <br>
    hello,<br>
    <br>
    guide ^ is deprecated, please use the
<a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html</a><br>
    <br>
    For replication conflict is useful this guide
<a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html">https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html</a><br>
    <br>
    Martin<br>
    <br>
    <blockquote cite="mid:585A6298.5060901@redhat.com" type="cite">
      <blockquote
cite="mid:CAO1fV-ciXa6qLbZaeiMXDmKOj+kb6KmgmXkRB6E4m5Bu_1WniQ@mail.gmail.com"
        type="cite">
        <div dir="ltr">
          <div> <br>
          </div>
          <div>but when trying to delete uid, then change RDN back to
            uid, there is this error<br>
            <br>
            modifying entry "cn=TempValue,cn=users,cn=accounts,dc=..."<br>
            ldap_modify: Object class violation (65)<br>
                additional info: missing attribute "uid" required by
            object class "posixAccount"<br>
            <br>
          </div>
          <div>I cannot delete object class posixAccount then add it
            back<br>
          </div>
        </div>
      </blockquote>
      I cannot see which commands you really tried to execute and
      failed, so could you provide the full log of what you did if you
      want to follow the steps in the IPA doc.<br>
      <br>
      But I do not think that you need to go thru the MOD/MODRDN/...
      sequence if you do not want to keep both entries. If a conflict
      arises, one entry keeps the original dn, the other gets a dn with
      "nsuniquid=....+..." and the nsds5ReplConflict attribute. you can
      check the entries and inmost cases you just want to keep the
      "original" and just delete the conflict entry<br>
      <blockquote
cite="mid:CAO1fV-ciXa6qLbZaeiMXDmKOj+kb6KmgmXkRB6E4m5Bu_1WniQ@mail.gmail.com"
        type="cite"> <br>
        <fieldset class="mimeAttachmentHeader"></fieldset>
        <br>
      </blockquote>
      <br>
      <pre class="moz-signature" cols="72">-- 
Red Hat GmbH, <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.de.redhat.com/">http://www.de.redhat.com/</a>, Registered seat: Grasbrunn, 
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric Shander</pre>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
    </blockquote>
    <br>
  </body>
</html>