Sigbjørn Lie wrote:
I just upgraded my FreeIPA @ F14 to 2.0.0.rc3, and attempted to add a
sync agreement with Active Directory.
Added CA certificate /root/testing-ca.cer to certificate database for
ipa: INFO: AD Suffix is: DC=ad,DC=testing,DC=com
The user for the Windows PassSync service is
Windows PassSync entry exists, not resetting password
ipa: INFO: Added new sync agreement, waiting for it to become ready . . .
ipa: INFO: Replication Update in progress: FALSE: status: 0 Replica
acquired successfully: Incremental update succeeded: start:
20110311195207Z: end: 20110311195207Z
ipa: INFO: Agreement is ready, starting replication . . .
ipa: INFO: Failed to create public entry for winsync replica
Starting replication, please wait until this has completed.
Connected 'ipasrv01.ix.testing.com' to 'addc01.ad.testing.com'
Now I can't list the sync agreements. All I get is:
# ipa-replica-manage list
unexpected error: * not found
Can you try running /us/sbin/ipa-ldap-updater?
The problem is this didn't run at install so the spot in the DIT to
store windows replication agreement info wasn't created, so it couldn't
be added (the Failed to create public entry for winsync replica part).
Once you've run ipa-ldap-updater you can add the info with something like:
ldapmodify -x -D 'cn=directory manager' -W
<add an extra RETURN>
^D to quit
Freeipa-users mailing list