[Freeipa-users] freeIPA replication
Rich Megginson
rmeggins at redhat.com
Fri Dec 11 19:33:28 UTC 2009
Rob Crittenden wrote:
> Виктор Сергеевич wrote:
>> On fedora 11:
>>
>> Name : 389-ds-base Relocations: (not
>> relocatable)
>> Version : 1.2.2 Vendor: Fedora Project
>> Release : 1.fc11 Build Date: Wed 26 Aug 2009
>> 12:07:44 AM MSD
>> Install Date: Fri 11 Dec 2009 10:46:32 AM MSK Build Host:
>> x86-1.fedora.phx.redhat.com
>> Group : System Environment/Daemons Source RPM:
>> 389-ds-base-1.2.2-1.fc11.src.rpm
>> Size : 5080205 License: GPLv2 with
>> exceptions
>> Signature : RSA/SHA1, Wed 26 Aug 2009 04:34:33 PM MSD, Key ID
>> 1dc5c758d22e77f2
>> Packager : Fedora Project
>> URL : http://port389.org/
>> Summary : 389 Directory Server (base)
>>
>
> IIRC in 389-ds 1.2.2 some schema was dropped/modified. If you try to
> replicate between < 1.2.2 and >= 1.2.2 you can get this error because
> the schema isn't defined on one side.
>
> I'm not sure the best way to work around this. Options include:
>
> - sync up the 389-ds versions between your servers. This would likely
> require building your own set of rpms on one or the other.
> - add the missing schema to the F-11 server in /etc/dirsrv/schema.
> This has the downside that you'll probably end up broken in other very
> odd some time way into the future.
> - modify 99user.ldif on the replicated system and remove the offending
> attributes. At the point in the replica installation where this fails
> the installer is almost done. The only missing steps are the DNS
> configuration and configuring the client.
>
> There may be other options, and again I'm not sure which is the best
> at this point. Rich, what do you think?
With 389-ds-base 1.2.3 and later (1.2.5.rc2 is currently available from
the testing repos) 99user.ldif is fixed to remove the offending schema
upon upgrade (yum or rpm), or by doing setup-ds.pl -u.
>
> rob
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list