[Freeipa-users] freeIPA replication

Rich Megginson rmeggins at redhat.com
Fri Dec 11 19:33:28 UTC 2009 

Rob Crittenden wrote:
> Виктор Сергеевич wrote:
>> On fedora 11:
>>
>> Name        : 389-ds-base                  Relocations: (not
>> relocatable)
>> Version     : 1.2.2                             Vendor: Fedora Project
>> Release     : 1.fc11                        Build Date: Wed 26 Aug 2009
>> 12:07:44 AM MSD
>> Install Date: Fri 11 Dec 2009 10:46:32 AM MSK      Build Host:
>> x86-1.fedora.phx.redhat.com
>> Group       : System Environment/Daemons    Source RPM:
>> 389-ds-base-1.2.2-1.fc11.src.rpm
>> Size        : 5080205                          License: GPLv2 with
>> exceptions
>> Signature   : RSA/SHA1, Wed 26 Aug 2009 04:34:33 PM MSD, Key ID
>> 1dc5c758d22e77f2
>> Packager    : Fedora Project
>> URL         : http://port389.org/
>> Summary     : 389 Directory Server (base)
>>
>
> IIRC in 389-ds 1.2.2 some schema was dropped/modified. If you try to 
> replicate between < 1.2.2 and >= 1.2.2 you can get this error because 
> the schema isn't defined on one side.
>
> I'm not sure the best way to work around this. Options include:
>
> - sync up the 389-ds versions between your servers. This would likely 
> require building your own set of rpms on one or the other.
> - add the missing schema to the F-11 server in /etc/dirsrv/schema. 
> This has the downside that you'll probably end up broken in other very 
> odd some time way into the future.
> - modify 99user.ldif on the replicated system and remove the offending 
> attributes. At the point in the replica installation where this fails 
> the installer is almost done. The only missing steps are the DNS 
> configuration and configuring the client.
>
> There may be other options, and again I'm not sure which is the best 
> at this point. Rich, what do you think?
With 389-ds-base 1.2.3 and later (1.2.5.rc2 is currently available from 
the testing repos) 99user.ldif is fixed to remove the offending schema 
upon upgrade (yum or rpm), or by doing setup-ds.pl -u.
>
> rob
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list