Attached patch fixes an upgrade issue from 4.1.4 to master. With this patch upgrade works, and ipa-replica-prepare works on upgraded server.
Thanks, Fraser
From eb1043521317e5759444caaedef1fd81eda55b47 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale <ftwee...@redhat.com> Date: Fri, 12 Jun 2015 07:54:23 -0400 Subject: [PATCH] Server upgrade: disconnect ldap2 before DS restart If ldap2 is not disconnected and DS is restarted, it will believe that it is still connected and connect error will result. Disconnect the ldap2 backend before a DS restart to prevent this. --- ipaserver/install/server/upgrade.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index 306d1d27cda7a517117110ad3e6a760108f0fe19..923b4c2c0da3e9ff1b1341e673fda6d6cda126a2 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -1239,6 +1239,8 @@ def fix_trust_flags(): if cert: db.trust_root_cert(nickname, 'CT,C,C') + api.Backend.ldap2.disconnect() + sysupgrade.set_upgrade_state('http', 'fix_trust_flags', True) @@ -1275,6 +1277,8 @@ def add_default_caacl(ca): api.Command.caacl_add_profile(u'hosts_services_caIPAserviceCert', certprofile=(u'caIPAserviceCert',)) + api.Backend.ldap2.disconnect() + sysupgrade.set_upgrade_state('caacl', 'add_default_caacl', True) -- 2.1.0
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code