On Fri, Oct 8, 2010 at 11:39, James Roman <james.ro...@ssaihq.com> wrote: > >> So does anyone have any more suggestions? Or should I just configure a >> new replica with new hostname and IP? >> >> Thanks, >> >> Dan > > I've seen the initial problem where the memberof elements stop updating on > my own FreeIPA v1 replica as well. Normally it happens after I perform a > full init of the replica. The subsequent errors you are experiencing have > not occurred on my system. You have not indicated a synchronization error > anywhere, but they tend to get buried in the error logs. I assume you are > not short on disk space on the replica. I also assume that the /var has not > been mounted as read-only. (I've had a few oddities where disk/storage > problems have caused a file-system to be remounted read-only recently) > > Out of curiosity, if you modify a user on the replica, do the changes get > saved to the record? If you add a user to a new group on the replica does > the memberof attribute get added to the user's record?
Hmm, very strange. Adding my user to another group appears to have fixed the memberOf attributes for my user on the replica.... Presumably, the fixup-memberof.pl script is supposed to do this - strange that it does not appear to work. I can create a temporary group, add all users to it and then remove them again - possibly that would fix the problem? I'm still a little concerned by log entries such as (on the replica): NSMMReplicationPlugin - replica_check_for_data_reload: Warning: data for replica dc=example,dc=com was reloaded and it no longer matches the data in the changelog (replica data > changelog). Recreating the changelog file. This could affect replication with replica's consumers in which case the consumers should be reinitialized. Thanks, Dan _______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users