Bug 1955658 - Enabling replication on supplier node using 'dsconf replication enable' command fails with "ERROR: Error: Server is unwilling to perform - Attribute nsDS5ReplicaId value (65535) is invalid, must be a number between 1 and 65534."
Summary: Enabling replication on supplier node using 'dsconf replication enable' comma...
Keywords:
Status: POST
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: 389-ds-base
Version: 11.0
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: DS11.2
: ---
Assignee: mreynolds
QA Contact: RHDS QE
Marc Muehlfeld
URL:
Whiteboard: sync-to-jira
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-04-30 15:25 UTC by Akshay Sakure
Modified: 2021-05-12 11:03 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:


Attachments (Terms of Use)

Description Akshay Sakure 2021-04-30 15:25:44 UTC
-  Description of problem:
Enabling replication on supplier node using 'dsconf replication enable' command fails with  "ERROR: Error: Server is unwilling to perform - Attribute nsDS5ReplicaId value (65535) is invalid, must be a number between 1 and 65534."

-  Version-Release number of selected component (if applicable):
python3-lib389-1.4.3.21-3.module+el8dsrv+10401+3d549418.noarch
cockpit-389-ds-1.4.3.21-3.module+el8dsrv+10401+3d549418.noarch
389-ds-base-libs-1.4.3.21-3.module+el8dsrv+10401+3d549418.x86_64
389-ds-base-1.4.3.21-3.module+el8dsrv+10401+3d549418.x86_64

-  How reproducible:
Always

-  Steps to Reproduce:
1. Install RHDS 11 on RHEL 8 and create an DS instance.
2. Enable replication on supplier.

-  Actual results:
Enabling replication fails with an error:
---
# dsconf -D "cn=Directory Manager" ldap://server1.example.com replication  enable --suffix="dc=example,dc=com" --role="master"  --replica-id=1
Enter password for cn=Directory Manager on ldap://server1.example.com: 
Error: Server is unwilling to perform - Attribute nsDS5ReplicaId value (65535) is invalid, must be a number between 1 and 65534.   <--- Error
---

-  Expected results:
Replication should be enabled on supplier without any error:
---
# dsconf -D "cn=Directory Manager" ldap://`hostname` replication  enable --suffix="dc=example,dc=com" --role="master"  --replica-id=1
Enter password for cn=Directory Manager on ldap://server1.example.com: 
Replication successfully enabled for "dc=example,dc=com"   <----
---


-  Additional info:
It's taking hard-coded value '65535' from replication.py file while enabling replication and thus failing.
code: /usr/lib/python3.6/site-packages/lib389/cli_conf/replication.py, line no. 157
---
def enable_replication(inst, basedn, log, args):
    repl_root = args.suffix
    role = args.role.lower()
    rid = args.replica_id  <----

    if role == "supplier" or role == "master":
        repl_type = '3'
        repl_flag = '1'
    elif role == "hub":
        repl_type = '2'
        repl_flag = '1'
    elif role == "consumer":
        repl_type = '2'
        repl_flag = '0'
    else:
        # error - unknown type
        raise ValueError("Unknown replication role ({}), you must use \"supplier\", \"hub\", or \"consumer\"".format(role))

    # Start the propeties and update them as needed
    repl_properties = {
        'cn': 'replica',
        'nsDS5ReplicaRoot': repl_root,
        'nsDS5Flags': repl_flag,
        'nsDS5ReplicaType': repl_type,
        'nsDS5ReplicaId': '65535'    <----- This should be 'rid'
        }
---

Comment 2 mreynolds 2021-04-30 17:13:26 UTC
This is a regression from:  Issue 4656 - Make replication CLI backwards compatible with role name change.

This is the fix:

$ git diff
diff --git a/src/lib389/lib389/cli_conf/replication.py b/src/lib389/lib389/cli_conf/replication.py
index a2513ee2a..04886f632 100644
--- a/src/lib389/lib389/cli_conf/replication.py
+++ b/src/lib389/lib389/cli_conf/replication.py
@@ -158,7 +158,7 @@ def enable_replication(inst, basedn, log, args):
         }
 
     # Validate supplier settings
-    if role == "supplier":
+    if role == "supplier" or role == "master":
         # Do we have a rid?
         if not args.replica_id or args.replica_id is None:


I just fixed this upstream https://github.com/389ds/389-ds-base/issues/4656

Comment 3 mreynolds 2021-04-30 17:35:39 UTC
In the meantime the easiest workaround is to use "supplier" for the role name:

    # dsconf -D "cn=Directory Manager" ldap://server1.example.com replication  enable --suffix="dc=example,dc=com" --role="supplier"  --replica-id=1

Comment 4 Akshay Sakure 2021-05-02 13:59:46 UTC
Thank you for looking into this and providing a quick 'workaround' in the meantime.


Note You need to log in before you can comment on or make changes to this bug.