On 07/22/2014 05:01 PM, Martin Kosek wrote:
if you alwayys enable it, you would have the same behaviour as before
#47389 (which you see as a regression), so it should be ok.
I was thinking more about the solution to fix migration in FreeIPA 4.0 as
and I realized it will be more complicated.
Conditionally enabling nsslapd-allow-hashed-passwords in cn=config when
migration mode is enabled is tricky as this setting is not replicated, compared
So enabling the migration on one server would still leave it broken on other
servers. The same applies for disabling it again.
Any ideas how to solve the issue? I am thinking we may need to unconditionally
enable this cn=config setting for now to unblock migration (thus effectively
revert https://fedorahosted.org/389/ticket/47389). Any other solution I can
think of would be too complicated.
Freeipa-devel mailing list