On 11/29/2017 10:53 PM, Rob Crittenden wrote:
skrawczenko--- via FreeIPA-users wrote:
i'm checking with
ldapsearch -Y GSSAPI -b cn=<domain
controller>,cn=replicas,cn=ipa,cn=etc,dc=<mydc>
and there's just
dn: ...
cn: <domain controller>
objectClass: ipaConfigObject
objectClass: nsContainer
objectClass: top
right after ldapmodify
[root@idm0 ~]# ipa-replica-manage list
unexpected error: u'ipaconfigstring'
like something is not letting the attribute to be added or removes it
immediately.
That is sure curious.
Thierry, do you know if the topology plugin would mess with this kind of
entry?
rob
Hi,
topology plugin should not interfere into the udpate of "cn=<domain
controller>,cn=replicas,cn=ipa,cn=etc,dc=<mydc>"
It catches only updates to replica agreements (under cn=config),
segments (cn=topology), hosts (cn=masters), domain level (cn=domain
level).
About the successful update not taken into account. Do you have the
portion of access logs/error logs where the update is done ?
Would you retry
ldapsearch -D "cn=directory manager" -W -b "cn=<domain
controller>,cn=replicas,cn=ipa,cn=etc,dc=<mydc>" nscpentrywsi
best regards
thierry
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
