On Tue, 2014-03-04 at 14:11 +0100, Petr Spacek wrote: > Hello, > > On 3.3.2014 22:57, Brendan Kearney wrote: > > Which distribution version you use? Fedora 20, with latest updates > > What plugin version you use? bind-dyndb-ldap-3.5-1.fc20.x86_64 > > Please make sure that you read and follow > https://www.redhat.com/archives/freeipa-interest/2014-February/msg00001.html > before you upgrade bind-dyndb-ldap to version 4.x. > > The bind-dyndb-ldap 4.1 is being pushed to Fedora-updates repo right now. > > I will comment on your configuration in-line: > > Do you use bind-dyndb-ldap as part of ​FreeIPA installation? no, using > > openldap-servers-2.4.39-2.fc20.x86_64 > Please make sure that syncrepl provider is configured on your LDAP server. > Syncrepl support on server side is *required* from version 4.0. > > > Please provide dynamic-db section from configuration > > file /etc/named.conf > > dynamic-db "my-domain.com" { > > library "ldap.so"; > > arg "uri ldap://127.0.0.1/";; > > arg "base cn=dns,dc=my-domain,dc=com"; > > arg "auth_method simple"; > > arg "bind_dn cn=Manager,dc=my-domain,dc=com"; > > arg "password *****"; > > arg "psearch no"; > This option was removed (replaced by mandatory syncrepl). > > > // arg "serial_autoincrement yes"; > This feature is now mandatory so the option was removed. Please make sure > that > bind-dyndb-ldap has write access to the configured sub-tree. > > > arg "sync_ptr yes"; > > arg "dyn_update yes"; > > arg "connections 2"; > > arg "cache_ttl 300"; > This option was removed (replaced by mandatory syncrepl). > > > arg "verbose_checks yes"; > > }; > > I hope this helps to prevent surprise after upgrade. > > Let us know if you encounter any problems! >
syncrepl is configured and i am using it for N-Way Multi Master Replication between 2 hosts. are there specific configs i need to add/change for the bind-dyndb-ldap piece? _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
