Bug 1770728
Summary: | Issue with adding multiple RHEL 7 IPA replica to RHEL 6 IPA master [rhel-7.7.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | RAD team bot copy to z-stream <autobot-eus-copy> |
Component: | ipa | Assignee: | Florence Blanc-Renaud <frenaud> |
Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
Severity: | unspecified | Docs Contact: | |
Priority: | high | ||
Version: | 7.6 | CC: | fcami, frenaud, gbabiano, ipa-maint, msauton, ndehadra, pvoborni, rcritten, ssidhaye, tscherf |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-4.6.5-11.el7_7.4 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1714076 | Environment: | |
Last Closed: | 2020-02-04 19:32:26 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1714076 | ||
Bug Blocks: |
Description
RAD team bot copy to z-stream
2019-11-11 09:18:36 UTC
Using steps mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1714076#c18 Builds used: Master: [root@master ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.10 (Santiago) [root@master ~]# [root@master ~]# rpm -q ipa-server ipa-server-3.0.0-51.el6.x86_64 Replica 1 [root@replica sysconfig]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.7 (Maipo) [root@replica sysconfig]# [root@replica sysconfig]# rpm -q ipa-server ipa-server-dns ipa-server-4.6.5-11.el7_7.4.x86_64 ipa-server-dns-4.6.5-11.el7_7.4.noarch Replica 2 [root@vm-idm-014 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.7 (Maipo) [root@vm-idm-014 ~]# [root@vm-idm-014 ~]# rpm -q ipa-server ipa-server-dns ipa-server-4.6.5-11.el7_7.4.x86_64 ipa-server-dns-4.6.5-11.el7_7.4.noarch [root@vm-idm-014 ~]# Steps: - install a RHEL 6 master - install a RHEL7 replica with ipa-replica-prepare (on rhel6)/ipa-replica-install (on rhel7) (do not forget to copy and run the script copy-schema-to-ca.py as described in https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/migrate-6-to-7#migrate-6-7-schema-update-script) - check that replication is working by creating a user on RHEL6 master, then ipa user-show on RHEL7 and vice versa - check that the entry cn=replica,cn=...,cn=mapping tree,cn=config on the rhel6 master contains the attribute nsDS5ReplicaBindDN: krbprincipalname=ldap/replica@DOMAIN - install another RHEL7 replica from the RHEL6 master with ipa-replica-prepare (on rhel6)/ipa-replica-install (on rhel7) - check that replication is working by creating a user on RHEL6 master, then ipa user-show on the second RHEL7 replica, and vice-versa - check that the entry cn=replica,cn=...,cn=mapping tree,cn=config on the rhel6 master contains the attribute nsDS5ReplicaBindDN: krbprincipalname=ldap/replica2@DOMAIN Actual result: Users are being replicated between master and replicas. master contains nsDS5ReplicaBindDN attribute Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:0378 |