From 73d0d03891c8585a925f5b49739990c579999f6e Mon Sep 17 00:00:00 2001 From: Martin Babinsky Date: Nov 29 2016 15:09:59 +0000 Subject: upgrade: add replica bind DN group check interval to CA topology config Without this attribute explicitly set the replication plugin won't recognize updates from members of 'replication managers' sysaccount group, leading to stuck replica CA installation. https://fedorahosted.org/freeipa/ticket/6508 Reviewed-By: Florence Blanc-Renaud --- diff --git a/install/share/ca-topology.uldif b/install/share/ca-topology.uldif index fea591b..8fe38e7 100644 --- a/install/share/ca-topology.uldif +++ b/install/share/ca-topology.uldif @@ -12,3 +12,4 @@ default: cn: ca dn: cn=replica,cn=o\3Dipaca,cn=mapping tree,cn=config onlyifexist: nsds5replicabinddngroup: cn=replication managers,cn=sysaccounts,cn=etc,$SUFFIX +add: nsds5replicabinddngroupcheckinterval: 60