[Freeipa-users] ipa migrate-ds failing when more than 1 namingcontext is available
Rob Crittenden
rcritten at redhat.com
Mon Jan 30 14:00:52 UTC 2012
Stephen Gallagher wrote:
> On Fri, 2012-01-27 at 13:42 -0500, Rob Crittenden wrote:
>>
>> This came up yesterday internally too. I don't believe a bug or ticket
>> has been filed yet.
>>
>> My best guess on what is happening, based on what I saw with our own
>> case, is this:
>>
>> A migrated attribute is coming in that IPA doesn't know about. We
>> default to treating all attributes that don't require special treatment
>> (like binary values) as utf-8. I'm guessing that an unknown binary
>> attribute is being migrated, we try to utf-8 encode it and kablooey.
>>
>> There is no easy workaround for the above problem right now because that
>> happens before the --ignore* options are considered.
>>
>
> Why don't we just base64-encode unknown attributes instead of treating
> them like UTF-8? The LDAP server is *supposed* to be able to handle this
> implicitly.
For migration we're going to have to reject them outright because the
migration will fail eventually anyway.
rob
More information about the Freeipa-users
mailing list