On 11/04/2011 02:26 PM, Martin Kosek wrote:
On Fri, 2011-11-04 at 14:04 -0700, Nathan Kinder wrote:
On 11/04/2011 02:02 PM, Rob Crittenden wrote:
Martin Kosek wrote:
automember functionality is depends on predefined data is in LDAP.
Since we add it for fresh installs only, automember cannot be used
for upgraded servers. Make sure that automember LDAP data is added
during upgrade too.
https://fedorahosted.org/freeipa/ticket/1992
I think you need that automember schema as well. Can you check with
the 389-ds team to see if their upgrade script automatically adds new
schema or if we have to handle that ourselves?
The new automember schema should be added by 'setup-ds.pl -u', so I
don't expect you need to do anything around schema in FreeIPA.
Nathan, when is the "setup-ds.pl -u" executed? When the dirsrv rpm is
updated, just like FreeIPA runs ipa-ldap-updater in rpm update %post? Or
does it have to be run manually?
It is run in the the %posttrans stage for 389-ds-base.
I am asking because the schema problem seems like the root cause that
one user has here (the last post):
https://bugzilla.redhat.com/show_bug.cgi?id=746589
There should be a
'/etc/dirsrv/slapd-<instance>/schema/10automember-plugin.ldif' file if
the proper version
of 389-ds-base is being used and if 'setup-ds.pl -u' successfully
updated the schema. There should also be
a '/etc/dirsrv/schema/10automember-plugin.ldif' file present regardless
of 'setup-ds.pl -u' having run
successfully.
-NGK
Thanks,
Martin
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
