Sigbjørn Lie wrote:

I just upgraded my FreeIPA @ F14 to 2.0.0.rc3, and attempted to add a
sync agreement with Active Directory.

Added CA certificate /root/testing-ca.cer to certificate database for
ipa: INFO: AD Suffix is: DC=ad,DC=testing,DC=com
The user for the Windows PassSync service is
Windows PassSync entry exists, not resetting password
ipa: INFO: Added new sync agreement, waiting for it to become ready . . .
ipa: INFO: Replication Update in progress: FALSE: status: 0 Replica
acquired successfully: Incremental update succeeded: start:
20110311195207Z: end: 20110311195207Z
ipa: INFO: Agreement is ready, starting replication . . .
ipa: INFO: Failed to create public entry for winsync replica
Starting replication, please wait until this has completed.
Update succeeded
Connected '' to ''

Now I can't list the sync agreements. All I get is:

# ipa-replica-manage list
unexpected error: * not found

Any ideas?

Can you try running /us/sbin/ipa-ldap-updater?

The problem is this didn't run at install so the spot in the DIT to store windows replication agreement info wasn't created, so it couldn't be added (the Failed to create public entry for winsync replica part).

Once you've run ipa-ldap-updater you can add the info with something like:

ldapmodify -x -D 'cn=directory manager' -W
changetype: add
objectclass: nsContainer
objectclass: ipaConfigObject
<add an extra RETURN>

^D to quit

Freeipa-users mailing list

Reply via email to