On 07/02/2014 08:14 AM, Jan Cholasta wrote:
> On 1.7.2014 16:45, Tomas Babej wrote:
>> Hi,
>>
>> The replication related attributes nsds5replicalastupdatestart and
>> nsds5replicalastupdateend have special behaviour implemented in 389,
>> as follows:
>>
>> In case they are explicitly requested for and not set, 0 is returned.
>>
>> However, 0 is not a valid value for LDAP Generalized time. Thus
>> we need to add these attributes to the _SYNTAX_OVERRIDE dictionary,
>> overriding their conversion to datetime and converting them to
>> string instead, which preserves the old behaviour expected by the
>> replication codebase.
>>
>> https://fedorahosted.org/freeipa/ticket/4350
>>
>> Note: This makes patch 236 obsolete.
>> Note II: This is a short-term fix from my point of view. Ticket to
>> resolve the underlying issue has been filed to 389:
>>
>> https://fedorahosted.org/389/ticket/47836
> 
> It should be unicode, not str, if you want old behavior.
> 

Given that Tomas is away and we want this in 4.0, I revisited the patch add
fixed the conversion + added 2 more date attributes which would cause issues
with "ipa-replica-manage HOST -v". Now it works:

# ipa-replica-manage list server.example.com -v
vm-086.idm.lab.bos.redhat.com: replica
  last init status: None
  last init ended: None
  last update status: 0 Replica acquired successfully: Incremental update 
started
  last update ended: None

# ipa-replica-manage list -v replica.example.com
vm-111.idm.lab.bos.redhat.com: replica
  last init status: 0 Total update succeeded
  last init ended: 2014-07-02 13:42:12+00:00
  last update status: 0 Replica acquired successfully: Incremental update 
succeeded
  last update ended: 2014-07-02 14:02:03+00:00

Martin
From e4e6ce3dd760b6bb66cd444527fe0010263dfb7b Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Wed, 2 Jul 2014 16:04:34 +0200
Subject: [PATCH] ipaldap: Override conversion replication agreement values

The replication related date attributes have special behaviour
implemented in 389, as follows:

In case they are explicitly requested for and not set, 0 is returned.

However, 0 is not a valid value for LDAP Generalized time. Thus
the attributes need to be added to the _SYNTAX_OVERRIDE dictionary,
overriding their conversion to datetime and converting them to
string instead, which perserves the old behaviour expected by the
replication codebase.

Based on a patch by Tomas Babej <tba...@redhat.com>.

https://fedorahosted.org/freeipa/ticket/4350
---
 ipapython/ipaldap.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ipapython/ipaldap.py b/ipapython/ipaldap.py
index 21706cff08a0d8be07db8a1b5fdb0367c10ad53d..44918c39a131b1c19338dd198a27777275539624 100644
--- a/ipapython/ipaldap.py
+++ b/ipapython/ipaldap.py
@@ -263,6 +263,10 @@ class IPASimpleLDAPObject(object):
         'idnssoamname':    DNSName,
         'idnssoarname':    DNSName,
         'dnszoneidnsname': DNSName,
+        'nsds5replicalastupdatestart': unicode,
+        'nsds5replicalastupdateend': unicode,
+        'nsds5replicalastinitstart': unicode,
+        'nsds5replicalastinitend': unicode,
     })
     _SINGLE_VALUE_OVERRIDE = CIDict({
         'nsslapd-ssl-check-hostname': True,
-- 
1.9.3

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to