-
- Upgrade: fix replica agreement
-
- The upgrade checks the replication agreements to ensure that
- some attributes are excluded from replication. The agreements
- are stored in entries like
- cn=serverToreplica,cn=replica,cn=_suffix_,cn=mapping tree,cn=config
- but those entries are managed by the replication topology plugin
- and should not be updated directly. The consequence is that the update
- of the attributes fails and ipa-server-update prints an error message:
-
- Error caught updating nsDS5ReplicatedAttributeList: Server is unwilling
- to perform: Entry and attributes are managed by topology plugin.No direct
- modifications allowed.
- Error caught updating nsDS5ReplicatedAttributeListTotal: Server is
- unwilling to perform: Entry and attributes are managed by topology
- plugin.No direct modifications allowed.
-
- The upgrade continues but the replication is not excluding
- passwordgraceusertime.
-
- Instead of editing the agreements, perform the modifications on
- the topology segments.
-
- Fixes: https://pagure.io/freeipa/issue/9385
- Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
- Reviewed-By: Rob Crittenden <rcritten@redhat.com>
-
-
-