Re: [Freeipa-users] IPA-adtrust and addition of replicas

2015-02-04 Thread Alexander Bokovoy
On Tue, 03 Feb 2015, William wrote: Maybe something to test? You can create a user on the replica without ipa-adtrust-install and watch after replication on whether ipaNTSecurityIdentifier appeared in the user's object in LDAP. I was thinking more unit test or beaker test actually, but I'm

Re: [Freeipa-users] IPA-adtrust and addition of replicas

2015-02-02 Thread Alexander Bokovoy
On Tue, 03 Feb 2015, William wrote: Wow! From all this it really sounds like adding a replica in to an IPA domain where adtrust has been run could have a few edge cases. For example, what would happen if I create a new account on a replica without adtrust? Would sidgen run on the adtrust

Re: [Freeipa-users] IPA-adtrust and addition of replicas

2015-02-02 Thread William
Wow! From all this it really sounds like adding a replica in to an IPA domain where adtrust has been run could have a few edge cases. For example, what would happen if I create a new account on a replica without adtrust? Would sidgen run on the adtrust machine when it get's the record

Re: [Freeipa-users] IPA-adtrust and addition of replicas

2015-02-02 Thread Alexander Bokovoy
On Mon, 02 Feb 2015, William wrote: On Sun, 2015-02-01 at 17:49 +0200, Alexander Bokovoy wrote: Hi, On Sun, 01 Feb 2015, William wrote: Hi, I have a single master instance of IPA 3.3.5 at the moment. I have configured this with IPA adtrust and run the adtrust preparation. I am about to add a

Re: [Freeipa-users] IPA-adtrust and addition of replicas

2015-02-01 Thread Alexander Bokovoy
Hi, On Sun, 01 Feb 2015, William wrote: Hi, I have a single master instance of IPA 3.3.5 at the moment. I have configured this with IPA adtrust and run the adtrust preparation. I am about to add a second replica. The documentation[0][1] doesn't really go into what happens in this

Re: [Freeipa-users] IPA-adtrust and addition of replicas

2015-02-01 Thread William
On Sun, 2015-02-01 at 17:49 +0200, Alexander Bokovoy wrote: Hi, On Sun, 01 Feb 2015, William wrote: Hi, I have a single master instance of IPA 3.3.5 at the moment. I have configured this with IPA adtrust and run the adtrust preparation. I am about to add a second replica. The