[Freeipa-users] freeIPA replication
Rob Crittenden
rcritten at redhat.com
Fri Dec 11 18:55:33 UTC 2009
Виктор Сергеевич wrote:
> On fedora 11:
>
> Name : 389-ds-base Relocations: (not
> relocatable)
> Version : 1.2.2 Vendor: Fedora Project
> Release : 1.fc11 Build Date: Wed 26 Aug 2009
> 12:07:44 AM MSD
> Install Date: Fri 11 Dec 2009 10:46:32 AM MSK Build Host:
> x86-1.fedora.phx.redhat.com
> Group : System Environment/Daemons Source RPM:
> 389-ds-base-1.2.2-1.fc11.src.rpm
> Size : 5080205 License: GPLv2 with
> exceptions
> Signature : RSA/SHA1, Wed 26 Aug 2009 04:34:33 PM MSD, Key ID
> 1dc5c758d22e77f2
> Packager : Fedora Project
> URL : http://port389.org/
> Summary : 389 Directory Server (base)
>
IIRC in 389-ds 1.2.2 some schema was dropped/modified. If you try to
replicate between < 1.2.2 and >= 1.2.2 you can get this error because
the schema isn't defined on one side.
I'm not sure the best way to work around this. Options include:
- sync up the 389-ds versions between your servers. This would likely
require building your own set of rpms on one or the other.
- add the missing schema to the F-11 server in /etc/dirsrv/schema. This
has the downside that you'll probably end up broken in other very odd
some time way into the future.
- modify 99user.ldif on the replicated system and remove the offending
attributes. At the point in the replica installation where this fails
the installer is almost done. The only missing steps are the DNS
configuration and configuring the client.
There may be other options, and again I'm not sure which is the best at
this point. Rich, what do you think?
rob
More information about the Freeipa-users
mailing list