diff options
| author | Simo Sorce <ssorce@redhat.com> | 2010-11-23 10:35:49 -0500 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2010-11-30 18:26:40 -0500 |
| commit | 20b1e0a75ec832d906e7f66d2b306aabdce03901 (patch) | |
| tree | 498f1d324b1ad33221207f53c2fd328d14c71101 | |
| parent | 94957c8ddcb8c11cea394b92ce67944adb991b23 (diff) | |
| download | freeipa-20b1e0a75ec832d906e7f66d2b306aabdce03901.tar.gz freeipa-20b1e0a75ec832d906e7f66d2b306aabdce03901.tar.xz freeipa-20b1e0a75ec832d906e7f66d2b306aabdce03901.zip | |
Enable EntryUSN plugin by default, with global scope
This will allow clients to use entryusn values to track what changed in the
directory regardles of replication delays.
Fixes: https://fedorahosted.org/freeipa/ticket/526
| -rw-r--r-- | install/share/Makefile.am | 1 | ||||
| -rw-r--r-- | install/share/entryusn.ldif | 10 | ||||
| -rw-r--r-- | ipaserver/install/dsinstance.py | 4 | ||||
| -rw-r--r-- | ipaserver/install/replication.py | 2 |
4 files changed, 16 insertions, 1 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am index 1e71ae804..c7e1c5c5a 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -45,6 +45,7 @@ app_DATA = \ user_private_groups.ldif \ uuid-ipauniqueid.ldif \ modrdn-krbprinc.ldif \ + entryusn.ldif \ $(NULL) EXTRA_DIST = \ diff --git a/install/share/entryusn.ldif b/install/share/entryusn.ldif new file mode 100644 index 000000000..51f9fc6eb --- /dev/null +++ b/install/share/entryusn.ldif @@ -0,0 +1,10 @@ +dn: cn=config +changetype: modify +replace: nsslapd-entryusn-global +nsslapd-entryusn-global: on + +dn: cn=USN,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginenabled +nsslapd-pluginenabled: on + diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index ed60c6f8b..d4f0683c0 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -219,6 +219,7 @@ class DsInstance(service.Service): self.step("configuring uniqueness plugin", self.__set_unique_attrs) self.step("configuring uuid plugin", self.__config_uuid_module) self.step("configuring modrdn plugin", self.__config_modrdn_module) + self.step("enabling entryUSN plugin", self.__enable_entryusn) self.step("creating indices", self.__create_indices) self.step("configuring ssl for ds instance", self.__enable_ssl) self.step("configuring certmap.conf", self.__certmap_conf) @@ -357,6 +358,9 @@ class DsInstance(service.Service): # TODO: roll back here? logging.critical("Failed to restart the directory server. See the installation log for details.") + def __enable_entryusn(self): + self._ldap_mod("entryusn.ldif") + def __add_memberof_module(self): self._ldap_mod("memberof-conf.ldif") diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index 7b4e903b4..340a82ef3 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -341,7 +341,7 @@ class ReplicationManager: port = kargs.get("port", PORT) # List of attributes that need to be excluded from replication. - excludes = ('memberof', + excludes = ('memberof', 'entryusn', 'krblastsuccessfulauth', 'krblastfailedauth', 'krbloginfailedcount') |