On 04/11/2015 09:51 PM, Traiano Welcome wrote: > Hi > > I got this error while installing an IPA replica of my primary master > IDM server: > > ".LDAPUpdate: ERROR Add failure missing required attribute "objectclass" > > > Replica add command: > > ipa-replica-install --setup-ca --setup-dns --no-forwarders > /var/lib/ipa/replica-info-siteX-idm-slve.lol.local.gpg > > A little more context: > > > --- > . > . > . > > Done configuring ipa-otpd. > Applying LDAP updates > ipa.ipaserver.install.ldapupdate.LDAPUpdate: ERROR Add failure > missing required attribute "objectclass" > ipa.ipaserver.install.ldapupdate.LDAPUpdate: ERROR Add failure > missing required attribute "objectclass" > ipa.ipaserver.install.ldapupdate.LDAPUpdate: ERROR Add failure > missing required attribute "objectclass" > ipa : ERROR Anonymous ACI not found, cannot update it > Restarting the directory server > Restarting the KDC > Restarting the certificate server > Using reverse zone xxx.16.172.in-addr.arpa. > > --- > > What does this error mean? If it's suggesting that somehow a key ldap > attribute was not created, how can I fix this?
Most probably, update process tried to add members to some object/role/privilege, it did not exist so it tried to add just the members, which failed as objectclass is required for new objects. We would need to see ipareplica-install.log, to see which attribute it was. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project