We include memberof when doing a total sync so there is no need to re-run the memberOf task in ipa-replica-manage re-initialize unless the agreement doesn't set nsDS5ReplicatedAttributeListTotal.

rob
>From 05118681594cf78a073ca2273cfa0a6ee3bdf378 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Wed, 22 Feb 2012 14:09:02 -0500
Subject: [PATCH] Don't call memberof task when re-initializing a replica.

memberof is not in the EXCLUDE list of nsDS5ReplicatedAttributeListTotal
so we have no need of running the task, memberof will come with the
data.

If that attribute doesn't exist then this agreement was created with
an older version of 389-ds, we DO need to initialize memberOf.

https://fedorahosted.org/freeipa/ticket/2199
---
 install/tools/ipa-replica-manage |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 32cee6e..7ef7890 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -403,8 +403,11 @@ def re_initialize(realm, options):
     repl.initialize_replication(entry[0].dn, repl.conn)
     repl.wait_for_repl_init(repl.conn, entry[0].dn)
 
-    ds = dsinstance.DsInstance(realm_name = realm, dm_password = options.dirman_passwd)
-    ds.init_memberof()
+    # If the agreement doesn't have nsDS5ReplicatedAttributeListTotal it means
+    # we did not replicate memberOf, do so now.
+    if not entry[0].getValue('nsDS5ReplicatedAttributeListTotal'):
+        ds = dsinstance.DsInstance(realm_name = realm, dm_password = options.dirman_passwd)
+        ds.init_memberof()
 
 def force_sync(realm, thishost, fromhost, dirman_passwd):
 
-- 
1.7.6.5

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to