Here is a specific example:

conflict entry:  dn: 
cn=ipaservers+nsuniqueid=e8d2f705-512111e7-9205b5bf-43202000,cn=hostgroups,cn=accounts,dc=domain,dc=tld

Step 1:
$ ldapmodify -D "cn=directory manager" -w secret -p 389 -h ipa0.domain.tld
dn: 
cn=ipaservers+nsuniqueid=e8d2f705-512111e7-9205b5bf-43202000,cn=hostgroups,cn=accounts,dc=domain,dc=tld
changetype: modrdn
newrdn: cn=ipaservtemp
deleteoldrdn: 0
modifying rdn of entry 
"cn=ipaservers+nsuniqueid=e8d2f705-512111e7-9205b5bf-43202000,cn=hostgroups,cn=accounts,dc=domain,dc=tld"

Step 2:

$ ldapmodify -x -D "cn=directory manager" -w secret -p 389 -h ipa1.domain.tld
dn: cn=ipaservtemp,cn=hostgroups,cn=accounts,dc=domain,dc=tld
changetype: modify
delete: cn
cn: ipaservers

delete: nsds5ReplConflict

Step 3:
$ ldapmodify -x -D "cn=directory manager" -w secret -p 389 -h ipa1.domain.tld
dn: cn=ipaservtemp,cn=hostgroups,cn=accounts,dc=domain,dc=tld
changetype: modrdn
newrdn: cn=ipaservers
deleteoldrdn: 1
modifying rdn of entry 
"cn=ipaservtemp,cn=hostgroups,cn=accounts,dc=domain,dc=tld"

This produces the following error:
ldap_rename: Operations error (1)

When I check for the conflict its gone but on ipa1.domain.tld it gives me an 
error saying it can't find ipaservers:
$ ldapsearch -o ldif-wrap=no -ZZ -LLLx -h "ipa1.domain.tld" -D "cn=directory 
manager" -w secret -b cn=ipaservers,cn=hostgroups,cn=accounts,dc=domain,dc=tld 
-s base
No such object (32)
Matched DN: cn=hostgroups,cn=accounts,dc=domain,dc=tld

But when I list all the hostgroups on that same server it does show up:
ldapsearch -o ldif-wrap=no -ZZ -LLLx -h "ipa1.domain.tld" -D "cn=directory 
manager" -w secret -b cn=hostgroups,cn=accounts,dc=domain,dc=tld | grep dn:
dn: cn=ipaservers,cn=hostgroups,cn=accounts,dc=domain,dc=tld
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to