On Wed, 6 Oct 2010 10:26:48 -0400 Dan Scott <[email protected]> wrote:
> Hi, > > I have master and slave FreeIPA servers. I recently upgraded the slave > by wiping, re-installing Fedora 13 and re-creating the replication > using ipa-replica-prepare and ipa-replica-install. > > For some reason, the slave is having difficulty replicating the > memberOf attribute. I can attach an LDAP viewer to the replica, and > view the schema, but the memberOf attributes are missing. Also, the > master server contains the lines: > > - Entry "cn=admins,cn=groups,cn=accounts,dc=example,dc=com" -- > attribute "memberOf" not allowed > NSMMReplicationPlugin - repl_set_mtn_referrals: could not set > referrals for replica dc=example,dc=com: 20 > NSMMReplicationPlugin - replica_reload_ruv: Warning: new data for > replica dc=example,dc=com does not match the data in the changelog. > Recreating the changelog file. This could affect replication with > replica's consumers in which case the consumers should be > reinitialized. > [06/Oct/2010:09:58:33 -0400] - skipping cos definition cn=account > inactivation,cn=accounts,dc=example,dc=com--no templates found > > The rest of the replication appears to be working correctly (as far as > I can tell). > > I have tried using ipa-replica-manage init and synch to try to fix the > replication, but I suspect this has something to do with the schema > definition. > > Does anyone have any pointers/ideas for how I can fix this? Dan, the memberof attribute is explicitly not replicated, and should be simply re-generated on the receiving replica when "member" attributes are replicated. Are the IPA versions on the master and the replica the same ? Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
