Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modification of DNA plugin entry erases remote server settings from shared configuration entry #1086

Closed
389-ds-bot opened this issue Sep 12, 2020 · 2 comments
Closed

Modification of DNA plugin entry erases remote server settings from shared configuration entry #1086

389-ds-bot opened this issue Sep 12, 2020 · 2 comments
Labels
closed: duplicate Migration flag - Issue
Milestone
1.3.3 - 6/14 (June)

Comments

@389-ds-bot
Copy link

Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/47754

When in the MMR + DNA setup the plugin configuration entry of DNA is modified,
the new attributes dnaRemoteBindMethod and dnaRemoteConnProtocol that are in
the shared configuration entry get erased by the plugin.

This happens when the entry is modified manually as well as when the plugin
config entry is modified when the plugin itself assigns a value to newly added
entry and updates the dnaNextValue attribute in the process.

This disables the dna range transfer process from a server that is not known to
the server making the request (e.g. M1 <-----> M2 <-----> M3 topology).

Steps to Reproduce:

  1. Set up MMR and DNA with the topology from description
  2. Set M1 and M2 to have only few remaining values above the threshold abd M3
    with a lot of available space.
  3. Add users to M1 to deplete the available values and fall beneath the
    threshold, triggering the range transfer.

Actual results:
The server tries to get a new range from server M2, (probably) using
credentials from replication agreement, and is rejected. The server can't
contact the server M3 as it can't retrieve the attributes from the shared
entry.

logs:
[07/Mar/2014:14:18:44 -0500] dna-plugin - dna_pre_op: Passed threshold of 10
remaining values for range cn=account uids,cn=distributed numeric assignment
plugin,cn=plugins,cn=config. (6 values remain)
[07/Mar/2014:14:18:44 -0500] dna-plugin - dna_get_replica_bind_creds: Failed to
fetch replication agreement for range cn=Account
UIDs,ou=Ranges,dc=example,dc=com, server example.com, port 3389
[07/Mar/2014:14:18:44 -0500] dna-plugin - dna_request_range: Unable to retrieve
replica bind credentials.
[07/Mar/2014:14:18:44 -0500] dna-plugin - dna_request_range: Error sending
range extension extended operation request to server
:2389 [error 53]

Expected results:
The server uses the method and protocol settings stored in the shared
configuration to contact server M3 and gets new range.
@389-ds-bot 389-ds-bot added the closed: duplicate Migration flag - Issue label Sep 12, 2020
@389-ds-bot 389-ds-bot added this to the 1.3.3 - 6/14 (June) milestone Sep 12, 2020
@389-ds-bot
Copy link
Author

Comment from mreynolds (@mreynolds389) at 2014-05-21 21:55:50

This is a duplicate of https://fedorahosted.org/389/ticket/47779

@389-ds-bot
Copy link
Author

Comment from mreynolds (@mreynolds389) at 2017-02-11 23:09:35

Metadata Update from @mreynolds389:

  • Issue assigned to mreynolds389
  • Issue set to the milestone: 1.3.3 - 6/14 (June)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
closed: duplicate Migration flag - Issue
Projects
None yet
Milestone
1.3.3 - 6/14 (June)
Development

No branches or pull requests
1 participant
@389-ds-bot