On Mon, 2011-11-28 at 18:16 -0500, Rob Crittenden wrote: > Nathan Kinder wrote: > > On 11/04/2011 02:35 PM, Nathan Kinder wrote: > >> On 11/04/2011 02:26 PM, Martin Kosek wrote: > >>> On Fri, 2011-11-04 at 14:04 -0700, Nathan Kinder wrote: > >>>> On 11/04/2011 02:02 PM, Rob Crittenden wrote: > >>>>> Martin Kosek wrote: > >>>>>> automember functionality is depends on predefined data is in LDAP. > >>>>>> Since we add it for fresh installs only, automember cannot be used > >>>>>> for upgraded servers. Make sure that automember LDAP data is added > >>>>>> during upgrade too. > >>>>>> > >>>>>> https://fedorahosted.org/freeipa/ticket/1992 > >>>>> I think you need that automember schema as well. Can you check with > >>>>> the 389-ds team to see if their upgrade script automatically adds new > >>>>> schema or if we have to handle that ourselves? > >>>> The new automember schema should be added by 'setup-ds.pl -u', so I > >>>> don't expect you need to do anything around schema in FreeIPA. > >>> Nathan, when is the "setup-ds.pl -u" executed? When the dirsrv rpm is > >>> updated, just like FreeIPA runs ipa-ldap-updater in rpm update %post? Or > >>> does it have to be run manually? > >> It is run in the the %posttrans stage for 389-ds-base. > >>> I am asking because the schema problem seems like the root cause that > >>> one user has here (the last post): > >>> > >>> https://bugzilla.redhat.com/show_bug.cgi?id=746589 > >> There should be a > >> '/etc/dirsrv/slapd-<instance>/schema/10automember-plugin.ldif' file if > >> the proper version > >> of 389-ds-base is being used and if 'setup-ds.pl -u' successfully > >> updated the schema. There should also be > >> a '/etc/dirsrv/schema/10automember-plugin.ldif' file present > >> regardless of 'setup-ds.pl -u' having run > >> successfully. > > I just tested running 'setup-ds.pl -u' manually with a master build of > > 389-ds-base, and there is a bug that is preventing the updates from > > being applied. I logged the following bug for this: > > > > https://bugzilla.redhat.com/show_bug.cgi?id=751495 > > > > The fix is a one-liner, and I believe Rich is working on getting a fixed > > build out ASAP. > > ACK, works for me. > > rob
Pushed to master, ipa-2-1. Martin _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
