On Feb 22, 2012, at 11:26 AM, Rob Crittenden wrote:

> We include memberof when doing a total sync so there is no need to re-run the 
> memberOf task in ipa-replica-manage re-initialize unless the agreement 
> doesn't set nsDS5ReplicatedAttributeListTotal.
> 
> rob
> <freeipa-rcrit-957-memberof.patch>_______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

NACK 

:/

When using this patch, it seems to provide the replica with 
nsDS5ReplicatedAttributeList but omits the nsDS5ReplicatedAttributeListTotal 
which causes / triggers the memberof.  The current 2.1.4 has the opposite 
problem... It HAS nsDS5ReplicatedAttributeListTotal but does not have 
nsDS5ReplicatedAttributeList... So when it adds all the memberof data, the 
replica replicates all that info back to the master and anyone else in the 
replica party.

-JR

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to