[Freeipa-users] freeIPA replication
James Roman
james.roman at ssaihq.com
Fri Dec 11 20:05:21 UTC 2009
If I remember correctly, I had to comment out the following entries in
the /etc/dirsrv/slapd-XXXX/schema/99user.ldif file:
# objectClasses: ( 2.16.840.1.113730.3.2.300 NAME 'nsAIMpresence' DESC
'Netscape
defined objectclass' SUP top AUXILIARY MAY (nsaimid $ nsaimstatusgraphic $
nsaimstatustext ) X-ORIGIN ( 'Netscape Directory Server' 'user
defined' ) )
# objectClasses: ( 2.16.840.1.113730.3.2.301 NAME 'nsICQpresence' DESC
'Netscape
defined objectclass' SUP top AUXILIARY MAY ( nsicqid $
nsicqstatusgraphic $
nsICQStatusText ) X-ORIGIN ( 'Netscape Directory Server' 'user
defined' ) )
# objectClasses: ( 2.16.840.1.113730.3.2.302 NAME 'nsYIMpresence' DESC
'Netscape
defined objectclass' SUP top AUXILIARY MAY ( nsyimid $
nsyimstatusgraphic $
nsYIMStatusText ) X-ORIGIN ( 'Netscape Directory Server' 'user
defined' ) )
# objectClasses: ( 2.16.840.1.113730.3.2.303 NAME 'nsMSNpresence' DESC
'Netscape
defined objectclass' SUP top AUXILIARY MAY nsmsnid X-ORIGIN (
'Netscape Dir
ectory Server' 'user defined' ) )
Rich Megginson wrote:
> Rob Crittenden wrote:
>> Виктор Сергеевич wrote:
>>> On fedora 11:
>>>
>>> Name : 389-ds-base Relocations: (not
>>> relocatable)
>>> Version : 1.2.2 Vendor: Fedora Project
>>> Release : 1.fc11 Build Date: Wed 26 Aug 2009
>>> 12:07:44 AM MSD
>>> Install Date: Fri 11 Dec 2009 10:46:32 AM MSK Build Host:
>>> x86-1.fedora.phx.redhat.com
>>> Group : System Environment/Daemons Source RPM:
>>> 389-ds-base-1.2.2-1.fc11.src.rpm
>>> Size : 5080205 License: GPLv2 with
>>> exceptions
>>> Signature : RSA/SHA1, Wed 26 Aug 2009 04:34:33 PM MSD, Key ID
>>> 1dc5c758d22e77f2
>>> Packager : Fedora Project
>>> URL : http://port389.org/
>>> Summary : 389 Directory Server (base)
>>>
>>
>> IIRC in 389-ds 1.2.2 some schema was dropped/modified. If you try to
>> replicate between < 1.2.2 and >= 1.2.2 you can get this error because
>> the schema isn't defined on one side.
>>
>> I'm not sure the best way to work around this. Options include:
>>
>> - sync up the 389-ds versions between your servers. This would likely
>> require building your own set of rpms on one or the other.
>> - add the missing schema to the F-11 server in /etc/dirsrv/schema.
>> This has the downside that you'll probably end up broken in other
>> very odd some time way into the future.
>> - modify 99user.ldif on the replicated system and remove the
>> offending attributes. At the point in the replica installation where
>> this fails the installer is almost done. The only missing steps are
>> the DNS configuration and configuring the client.
>>
>> There may be other options, and again I'm not sure which is the best
>> at this point. Rich, what do you think?
> With 389-ds-base 1.2.3 and later (1.2.5.rc2 is currently available
> from the testing repos) 99user.ldif is fixed to remove the offending
> schema upon upgrade (yum or rpm), or by doing setup-ds.pl -u.
>>
>> rob
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list