Share this post
FaceBook  Twitter  

The information on this page is out-of-date. It is not required as of Fedora 13.

FreeIPA replication on Fedora 10+ servers requires several additional steps to allow it to perform correctly.


Follow the guide in the FreeIPA documentation (http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Multi_Master_Replication.html), but the following additional steps are required:


When attempting to run the replication script on the slave server, a certificate error occurs. Documentation for resolving this error: http://www.mail-archive.com/freeipa-users@redhat.com/msg00033.html


Once the certificate error has been resolved, several schema inconsistencies were found, related to \'nsAIMid\'. Perform the following on the master server:

$ mv /etc/dirsrv/slapd-EXAMPLE-COM/schema/60mozilla.ldif /etc/dirsrv/slapd-EXAMPLE-COM/schema/60mozilla.disabled
$ mv /etc/dirsrv/slapd-EXAMPLE-COM/schema/10presence.ldif /etc/dirsrv/slapd-EXAMPLE-COM/schema/10presence.disabled
$ /etc/init.d/dirsrv restart

Once this is complete, re-run the replica generation script, copy the file to the slave and rerun the configuration. Once this was complete, replication operated correctly.