[Freeipa-users] Chaining and FreeIPA Directory Server
Phyo Kyaw
phyokyaw.uk at gmail.com
Fri Jul 6 14:24:29 UTC 2012
Any idea?
Thanks for prompt reply Rob. I was just experimenting if it is
possible to setup in a way that users from IPA (A) can be made
available on IPA (B), so that users from A can access clients in B.
Thanks again.
On 5 July 2012 16:28, Rob Crittenden <rcritten at redhat.com> wrote:
> Phyo Kyaw wrote:
>>
>> Dear all,
>>
>> server ipa-server-2.1.3-9.el6.x86_64
>>
>> This is probably a question for to Directory 389 users, but..
>>
>> I would like to chain (not master to master replication) users of two
>> or more IPA servers. The first thing I did was trying to chain the IPA
>> 389-ds servers by setting up chaining entries. The chaining entries
>> work out the box on standard 389-DS, but on IPA 389-ds it won't start
>> after adding ldap suffixes. The 389-ds error log only shows
>>
>> [05/Jul/2012:15:00:33 +0000] - Detected Disorderly Shutdown last time
>> Directory Server was running, recovering database.
>>
>> Suffix entry
>>
>> dn:cn=cn\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
>> objectClass:nsMappingTree
>> objectClass:extensibleObject
>> objectClass:top
>> cn:cn=dc=example,dc=com
>> cn:"cn=dc=example,dc=com"
>> nsslapd-backend:testusers
>> nsslapd-state:backend
>>
>> Just wondering if FreeIPA has some other configuration or plugin that
>> prevents/conflicts 389-DS to start. I am guess chaining is something
>> if we have two or more IPAs in one infrastructure.
>>
>
> I don't know why this would cause the server to not start but IPA doesn't
> support read-only replicas at this time. What is it you are trying to
> achieve?
>
> rob
More information about the Freeipa-users
mailing list