On 4.3.2014 14:26, Brendan Kearney wrote:
On Tue, 2014-03-04 at 14:11 +0100, Petr Spacek wrote:

On 3.3.2014 22:57, Brendan Kearney wrote:
  > Which distribution version you use? Fedora 20, with latest updates
  > What plugin version you use? bind-dyndb-ldap-3.5-1.fc20.x86_64

Please make sure that you read and follow
before you upgrade bind-dyndb-ldap to version 4.x.

The bind-dyndb-ldap 4.1 is being pushed to Fedora-updates repo right now.

I will comment on your configuration in-line:
Do you use bind-dyndb-ldap as part of ​FreeIPA installation? no, using
Please make sure that syncrepl provider is configured on your LDAP server.
Syncrepl support on server side is *required* from version 4.0.

Please provide dynamic-db section from configuration
file /etc/named.conf
dynamic-db "my-domain.com" {
              library "ldap.so";
           arg "uri ldap://";;
              arg "base cn=dns,dc=my-domain,dc=com";
           arg "auth_method simple";
      arg "bind_dn cn=Manager,dc=my-domain,dc=com";
      arg "password *****";
      arg "psearch no";
This option was removed (replaced by mandatory syncrepl).

      // arg "serial_autoincrement yes";
This feature is now mandatory so the option was removed. Please make sure that
bind-dyndb-ldap has write access to the configured sub-tree.

      arg "sync_ptr yes";
      arg "dyn_update yes";
      arg "connections 2";
           arg "cache_ttl 300";
This option was removed (replaced by mandatory syncrepl).

      arg "verbose_checks yes";

I hope this helps to prevent surprise after upgrade.

Let us know if you encounter any problems!

syncrepl is configured and i am using it for N-Way Multi Master
Replication between 2 hosts.  are there specific configs i need to
add/change for the bind-dyndb-ldap piece?

I'm not aware of any, it should 'just work'. Version 4.0 requires a writable working directory but it is provided by RPM package so you should be ready for upgrade.

Enjoy :-)

Petr^2 Spacek

Freeipa-users mailing list

Reply via email to