On Fri, 08 Jan 2016, Karl Forner wrote:
Ok.

I read a work-around on https://blog-rcritten.rhcloud.com/?p=50

It says that if one has figured out a safe new range for the replica, the
range could be set using:

ldapmodify -x -D 'cn=Directory Manager' -W
Enter LDAP Password:
dn: cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
changetype: modify
replace: dnaNextValue
dnaNextValue: 1689700000
-
replace: dnaMaxValue
dnaMaxValue: 1689799999
^D

modifying entry "cn=Posix IDs,cn=Distributed Numeric Assignment
Plugin,cn=plugins,cn=config"


I suppose this can be dangerous, but would you consider it as a
work-around, or should it be avoided at all means ?

Rob is one of FreeIPA project original developers and he wrote this
code, so he knows it well. To derive dnaMaxValue/dnaNextValue you need to
consult older server's data, if it is still available (in
/etc/dirsrv/slapd-INSTANCE/dse.ldif).

At worst you'd need to back out the change if things would work.

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to