On 11/04/2011 02:35 PM, Nathan Kinder wrote:
On 11/04/2011 02:26 PM, Martin Kosek wrote:
On Fri, 2011-11-04 at 14:04 -0700, Nathan Kinder wrote:
On 11/04/2011 02:02 PM, Rob Crittenden wrote:
Martin Kosek wrote:
automember functionality is depends on predefined data is in LDAP.
Since we add it for fresh installs only, automember cannot be used
for upgraded servers. Make sure that automember LDAP data is added
during upgrade too.
https://fedorahosted.org/freeipa/ticket/1992
I think you need that automember schema as well. Can you check with
the 389-ds team to see if their upgrade script automatically adds new
schema or if we have to handle that ourselves?
The new automember schema should be added by 'setup-ds.pl -u', so I
don't expect you need to do anything around schema in FreeIPA.
Nathan, when is the "setup-ds.pl -u" executed? When the dirsrv rpm is
updated, just like FreeIPA runs ipa-ldap-updater in rpm update %post? Or
does it have to be run manually?
It is run in the the %posttrans stage for 389-ds-base.
I am asking because the schema problem seems like the root cause that
one user has here (the last post):
https://bugzilla.redhat.com/show_bug.cgi?id=746589
There should be a
'/etc/dirsrv/slapd-<instance>/schema/10automember-plugin.ldif' file if
the proper version
of 389-ds-base is being used and if 'setup-ds.pl -u' successfully
updated the schema. There should also be
a '/etc/dirsrv/schema/10automember-plugin.ldif' file present
regardless of 'setup-ds.pl -u' having run
successfully.
I just tested running 'setup-ds.pl -u' manually with a master build of
389-ds-base, and there is a bug that is preventing the updates from
being applied. I logged the following bug for this:
https://bugzilla.redhat.com/show_bug.cgi?id=751495
The fix is a one-liner, and I believe Rich is working on getting a fixed
build out ASAP.
-NGK
Thanks,
Martin
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
