[Freeipa-users] IPA Replica cannot add user [SOLVED]
Rob Crittenden
rcritten at redhat.com
Mon Feb 17 15:25:59 UTC 2014
Martin Kosek wrote:
> On 02/14/2014 01:49 PM, Martin Kosek wrote:
>
> Bruno sent me the logs privately, let me just share the solution of this case
> with the list. The problem here was that master had only 1000 numbers allocated
> (chosen during IPA installation). Therefore, it had less than 1000 numbers free.
>
> When the replica asked for some free numbers from it, it refused to give any as
> it would lower it's pool of free numbers below 500 (dnaThreshold setting).
>
> Bruno was able to fix the issue with this command run on master:
>
> $ ldapmodify -h `hostname` -D "cn=Directory Manager" -x -W
> dn: cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
> changetype: modify
> replace: dnaMaxValue
> dnaMaxValue: 5000
He should also run idrange-find to see if there is an IPA range listed
and adjust it to match the DNA configuration.
rob
More information about the Freeipa-users
mailing list