[Freeipa-users] .LDAPUpdate: ERROR Add failure missing required attribute "objectclass"
Martin Kosek
mkosek at redhat.com
Mon Apr 13 06:39:38 UTC 2015
On 04/11/2015 09:51 PM, Traiano Welcome wrote:
> Hi
>
> I got this error while installing an IPA replica of my primary master
> IDM server:
>
> ".LDAPUpdate: ERROR Add failure missing required attribute "objectclass"
>
>
> Replica add command:
>
> ipa-replica-install --setup-ca --setup-dns --no-forwarders
> /var/lib/ipa/replica-info-siteX-idm-slve.lol.local.gpg
>
> A little more context:
>
>
> ---
> .
> .
> .
>
> Done configuring ipa-otpd.
> Applying LDAP updates
> ipa.ipaserver.install.ldapupdate.LDAPUpdate: ERROR Add failure
> missing required attribute "objectclass"
> ipa.ipaserver.install.ldapupdate.LDAPUpdate: ERROR Add failure
> missing required attribute "objectclass"
> ipa.ipaserver.install.ldapupdate.LDAPUpdate: ERROR Add failure
> missing required attribute "objectclass"
> ipa : ERROR Anonymous ACI not found, cannot update it
> Restarting the directory server
> Restarting the KDC
> Restarting the certificate server
> Using reverse zone xxx.16.172.in-addr.arpa.
>
> ---
>
> What does this error mean? If it's suggesting that somehow a key ldap
> attribute was not created, how can I fix this?
Most probably, update process tried to add members to some
object/role/privilege, it did not exist so it tried to add just the members,
which failed as objectclass is required for new objects.
We would need to see ipareplica-install.log, to see which attribute it was.
More information about the Freeipa-users
mailing list