The server update plugin update_dna_shared_config updates shared DNA configuration and adds dnaRemoteBindMethod=SASL/GSSAPI and dnaRemoteConnProtocol=LDAP to the host's entries under cn=posix-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX. There are always two entries:
update_dna_shared_config
dnaRemoteBindMethod=SASL/GSSAPI
dnaRemoteConnProtocol=LDAP
cn=posix-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX
dnaHostname=fqdn+dnaPortNum=0
dnaHostname=fqdn+dnaPortNum=389
389-DS creates both entries. The second entry is created a couple of seconds later than the first. It's possible that the plugin only updates the first entry and then stops. This can cause replication issues for DNA until the first time ipa-server-update is executed.
ipa-server-update
The entries with dnaPortNumber=389 are missing remote bind method and protocol attributes.
dnaPortNumber=389
All attributes have remote bind method and protocol configuration.
Metadata Update from @cheimes: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5752
master:
ipa-4-8:
ipa-4-9:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.