[Freeipa-users] Upgrading freeipa server from f18 to f20

[Thomas Sailer]

Here's the corresponding log (from another attempt, thus the differing 
timestamps) of the server slapd:

[09/Jan/2014:12:19:35 +0100] conn=375 fd=73 slot=73 connection from 
a.b.c.d to e.f.g.h
[09/Jan/2014:12:19:35 +0100] conn=375 op=0 EXT 
oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[09/Jan/2014:12:19:35 +0100] conn=375 op=0 RESULT err=0 tag=120 
nentries=0 etime=0
[09/Jan/2014:12:19:35 +0100] conn=375 SSL 256-bit AES
[09/Jan/2014:12:19:35 +0100] conn=375 op=1 BIND dn="cn=Directory 
Manager" method=128 version=3
[09/Jan/2014:12:19:35 +0100] conn=375 op=1 RESULT err=0 tag=97 
nentries=0 etime=0 dn="cn=directory manager"
[09/Jan/2014:12:19:35 +0100] conn=375 op=2 SRCH base="cn=config,cn=ldbm 
database,cn=plugins,cn=config" scope=0 filter="(objectClass=*)" 
attrs="nsslapd-directory"
[09/Jan/2014:12:19:35 +0100] conn=375 op=2 RESULT err=0 tag=101 
nentries=1 etime=0
[09/Jan/2014:12:19:35 +0100] conn=375 op=3 SRCH base="cn=schema" scope=0 
filter="(objectClass=*)" attrs="attributeTypes objectClasses"
[09/Jan/2014:12:19:36 +0100] conn=375 op=3 RESULT err=0 tag=101 
nentries=1 etime=1
[09/Jan/2014:12:19:36 +0100] conn=375 op=4 SRCH 
base="cn=replication,cn=etc,dc=axsem,dc=com" scope=0 
filter="(objectClass=*)" attrs=ALL
[09/Jan/2014:12:19:36 +0100] conn=375 op=4 RESULT err=0 tag=101 
nentries=1 etime=0
[09/Jan/2014:12:19:36 +0100] conn=375 op=5 MOD 
dn="cn=replication,cn=etc,dc=xxxx,dc=com"
[09/Jan/2014:12:19:36 +0100] conn=375 op=5 RESULT err=0 tag=103 
nentries=0 etime=0 csn=52ce8617000000040000
[09/Jan/2014:12:19:36 +0100] conn=375 op=6 SRCH 
base="cn=replica,cn=dc\3Dxxxx\2Cdc\3Dcom,cn=mapping tree,cn=config" 
scope=0 filter="(objectClass=*)" attrs=ALL
[09/Jan/2014:12:19:36 +0100] conn=375 op=6 RESULT err=0 tag=101 
nentries=1 etime=0
[09/Jan/2014:12:19:36 +0100] conn=375 op=7 ADD dn="cn=replication 
manager,cn=config"
[09/Jan/2014:12:19:36 +0100] conn=375 op=7 RESULT err=19 tag=105 
nentries=0 etime=0
[09/Jan/2014:12:19:36 +0100] conn=375 op=8 UNBIND
[09/Jan/2014:12:19:36 +0100] conn=375 op=8 fd=73 closed - U1

I don't have cn=replication manager,cn=config, should I?

When I manually try to create this entry like this (ldapvi syntax), I get:

add cn=replication manager,cn=config
objectClass: inetorgperson
objectClass: person
objectClass: top
cn: replication manager
sn: RM
userPassword: password
passwordExpirationTime: 20380119031407Z

ldap_add: Constraint violation (19)
         additional info: pre-hashed passwords are not valid

Why is that?