[Freeipa-users] Replica not syncing 'memberOf' attributes
Dan Scott
danieljamesscott at gmail.com
Thu Oct 7 15:47:53 UTC 2010
On Thu, Oct 7, 2010 at 11:32, James Roman <james.roman at ssaihq.com> wrote:
> On 10/07/2010 11:20 AM, Rich Megginson wrote:
>>
>> 20 is "type or value exists" - I think this means that it is attempting to
>> set a referral for the master, but there already is one.
>>>
>>> Curie contains the same log entry.
>>>
>>> But, none of the users contain the memberOf attributes on ohm.
>>
>> Does IPA have its own memberOf plugin, or is it using the one from 389?
>
> The answer is that it can, depending on the version of 389 that was initally
> installed.
>
> Try running the following to see how many memberof plugins you have and
> whether they are enabled.
>
> [#} ldapsearch -x -D "cn=directory manager" -W -LLL -b
> "cn=plugins,cn=config" -s one 'cn=*member*' cn nsslapd-pluginEnabled
> Enter LDAP Password:
> dn: cn=ipa-memberof,cn=plugins,cn=config
> cn: ipa-memberof
> nsslapd-pluginEnabled: on
>
> dn: cn=MemberOf Plugin,cn=plugins,cn=config
> cn: MemberOf Plugin
> nsslapd-pluginEnabled: off
Looks like I'm using the ipa-memberof plugin:
[root at ohm ~]# ldapsearch -x -D "cn=directory manager" -W -LLL -b
"cn=plugins,cn=config" -s one 'cn=*member*' cn nsslapd-pluginEnabled
Enter LDAP Password:
dn: cn=ipa-memberof,cn=plugins,cn=config
cn: ipa-memberof
nsslapd-pluginEnabled: on
dn: cn=MemberOf Plugin,cn=plugins,cn=config
cn: MemberOf Plugin
nsslapd-pluginEnabled: off
This result is the same for both servers. I ran with the '-h' option
using each host name.
Thanks,
Dan
More information about the Freeipa-users
mailing list