Hello,
On 3.3.2014 22:57, Brendan Kearney wrote:
> Which distribution version you use? Fedora 20, with latest updates
> What plugin version you use? bind-dyndb-ldap-3.5-1.fc20.x86_64
Please make sure that you read and follow
https://www.redhat.com/archives/freeipa-interest/2014-February/msg00001.html
before you upgrade bind-dyndb-ldap to version 4.x.
The bind-dyndb-ldap 4.1 is being pushed to Fedora-updates repo right now.
I will comment on your configuration in-line:
Do you use bind-dyndb-ldap as part of ​FreeIPA installation? no, using
openldap-servers-2.4.39-2.fc20.x86_64
Please make sure that syncrepl provider is configured on your LDAP server.
Syncrepl support on server side is *required* from version 4.0.
Please provide dynamic-db section from configuration
file /etc/named.conf
dynamic-db "my-domain.com" {
library "ldap.so";
arg "uri ldap://127.0.0.1/";;
arg "base cn=dns,dc=my-domain,dc=com";
arg "auth_method simple";
arg "bind_dn cn=Manager,dc=my-domain,dc=com";
arg "password *****";
arg "psearch no";
This option was removed (replaced by mandatory syncrepl).
// arg "serial_autoincrement yes";
This feature is now mandatory so the option was removed. Please make sure that
bind-dyndb-ldap has write access to the configured sub-tree.
arg "sync_ptr yes";
arg "dyn_update yes";
arg "connections 2";
arg "cache_ttl 300";
This option was removed (replaced by mandatory syncrepl).
arg "verbose_checks yes";
};
I hope this helps to prevent surprise after upgrade.
Let us know if you encounter any problems!
--
Petr^2 Spacek
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
