mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
Enable EntryUSN plugin by default, with global scope
This will allow clients to use entryusn values to track what changed in the directory regardles of replication delays. Fixes: https://fedorahosted.org/freeipa/ticket/526
This commit is contained in:
parent
94957c8ddc
commit
20b1e0a75e
@ -45,6 +45,7 @@ app_DATA = \
|
||||
user_private_groups.ldif \
|
||||
uuid-ipauniqueid.ldif \
|
||||
modrdn-krbprinc.ldif \
|
||||
entryusn.ldif \
|
||||
$(NULL)
|
||||
|
||||
EXTRA_DIST = \
|
||||
|
10
install/share/entryusn.ldif
Normal file
10
install/share/entryusn.ldif
Normal file
@ -0,0 +1,10 @@
|
||||
dn: cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-entryusn-global
|
||||
nsslapd-entryusn-global: on
|
||||
|
||||
dn: cn=USN,cn=plugins,cn=config
|
||||
changetype: modify
|
||||
replace: nsslapd-pluginenabled
|
||||
nsslapd-pluginenabled: on
|
||||
|
@ -219,6 +219,7 @@ class DsInstance(service.Service):
|
||||
self.step("configuring uniqueness plugin", self.__set_unique_attrs)
|
||||
self.step("configuring uuid plugin", self.__config_uuid_module)
|
||||
self.step("configuring modrdn plugin", self.__config_modrdn_module)
|
||||
self.step("enabling entryUSN plugin", self.__enable_entryusn)
|
||||
self.step("creating indices", self.__create_indices)
|
||||
self.step("configuring ssl for ds instance", self.__enable_ssl)
|
||||
self.step("configuring certmap.conf", self.__certmap_conf)
|
||||
@ -357,6 +358,9 @@ class DsInstance(service.Service):
|
||||
# TODO: roll back here?
|
||||
logging.critical("Failed to restart the directory server. See the installation log for details.")
|
||||
|
||||
def __enable_entryusn(self):
|
||||
self._ldap_mod("entryusn.ldif")
|
||||
|
||||
def __add_memberof_module(self):
|
||||
self._ldap_mod("memberof-conf.ldif")
|
||||
|
||||
|
@ -341,7 +341,7 @@ class ReplicationManager:
|
||||
port = kargs.get("port", PORT)
|
||||
|
||||
# List of attributes that need to be excluded from replication.
|
||||
excludes = ('memberof',
|
||||
excludes = ('memberof', 'entryusn',
|
||||
'krblastsuccessfulauth',
|
||||
'krblastfailedauth',
|
||||
'krbloginfailedcount')
|
||||
|
Loading…
Reference in New Issue
Block a user