On 30/05/2023 08:21, Florence Blanc-Renaud wrote:
Hi,
On Fri, May 26, 2023 at 10:26 PM lejeczek via
FreeIPA-users <[email protected]> wrote:
Hi guys.
for what 'ipa-healthcheck' complains of:
{
"source": "ipahealthcheck.ds.replication",
"check": "ReplicationCheck",
"result": "WARNING",
"uuid": "720d7af6-5a11-486f-a610-f6f06ec4d9e2",
"when": "20230526202306Z",
"duration": "0.054683",
"kw": {
"key": "DSREPLLE0002",
"items": [
"Replication",
"Conflict Entries"
],
"msg": "There were 1 conflict entries found
under the replication suffix \"o=ipaca\"."
}
},
and old trick finds not culprit:
-> $ ldapsearch -LLL -H ldaps://$(hostname) -Y GSSAPI
-D 'cn=Directory Manager' -b 'o=ipaca'
'(&(objectClass=ldapSubEntry)(nsds5ReplConflict=*))'
nsds5ReplConflict
SASL/GSSAPI authentication started
SASL username: [email protected]
SASL SSF: 256
SASL data security layer installed.
Re-try the same command but without the -Y GSSAPI option
(otherwise if you have an admin kerberos ticket, the
operation is performed as admin instead of Directory
Manager and the ACIs may hide some entries).
HTH,
flo
right... man! thank you. (should the same apply to any other
ldap user-manual, outside of ipa-tools, operation?)_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
