Martin Kosek wrote:
IPA 3.0 introduced range ID objects in replicated space which specify
a range of IDs assigned via DNA plugin. ipa-ldap-updater generates the
default ID range which should correspond with IDs assigned to IPA
users.
However, since correct range size is not known, we should at least
warn that a range with invalid size was created so that user can
amend it.
I created 2 new tickets to add further improve this area:
1) #2918: [doc] Upgrade procedure section should mention ipa-ldap-updater
2) #2919: Improve safety checks in range command
To test this patch, you can:
1) Install unpatched IPA server (and you may install replicas too) with custom
--idstart and --idmax options where difference is greater then 200000
2) Remove default range with range-del command (will be restored during upgrade)
3) Run RPM upgrade with RPMs built from patched sources - ERROR should now be
printed during update stating that a new range was created but its size is not
right
I don't understand step 2, why would someone remove their range before
upgrading?
I installed with a 50k range, didn't remove it, then upgraded with no
warning. I deleted the range and re-installed the packages again, still
no warning but a new 200k range was created for me.
rob
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
