Any idea?

Thanks for prompt reply Rob. I was just experimenting if it is
possible to setup in a way that users from IPA (A) can be made
available on IPA (B), so that users from A can access clients in B.

Thanks again.

On 5 July 2012 16:28, Rob Crittenden <> wrote:
> Phyo Kyaw wrote:
>> Dear all,
>> server ipa-server-2.1.3-9.el6.x86_64
>> This is probably a question for to Directory 389 users, but..
>> I would like to chain (not master to master replication) users of two
>> or more IPA servers. The first thing I did was trying to chain the IPA
>> 389-ds servers by setting up chaining entries. The chaining entries
>> work out the box on standard 389-DS, but on IPA 389-ds it won't start
>> after adding ldap suffixes. The 389-ds error log only shows
>> [05/Jul/2012:15:00:33 +0000] - Detected Disorderly Shutdown last time
>> Directory Server was running, recovering database.
>> Suffix entry
>> dn:cn=cn\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
>> objectClass:nsMappingTree
>> objectClass:extensibleObject
>> objectClass:top
>> cn:cn=dc=example,dc=com
>> cn:"cn=dc=example,dc=com"
>> nsslapd-backend:testusers
>> nsslapd-state:backend
>> Just wondering if FreeIPA has some other configuration or plugin that
>> prevents/conflicts 389-DS to start. I am guess chaining is something
>> if we have two or more IPAs in one infrastructure.
> I don't know why this would cause the server to not start but IPA doesn't
> support read-only replicas at this time. What is it you are trying to
> achieve?
> rob

Freeipa-users mailing list

Reply via email to