Thursday, August 11, 2022

[389-users] Re: DNA Plugin creating duplicates


On 8/11/22 1:51 PM, Merritt, Todd R - (tmerritt) wrote:
Hi,

I'm running 389ds 2.0.15 on a two node cluster in a multi master mode. I'm using the DNA plugin to generate unique uid numbers for new accounts. Each directory instance is assigned a unique range of uid numbers. It works in so far as it assigns a uid number when it gets the magic token but whatever is supposed to be verifying that the uid number is not already assigned is not working.

Do you mean on the same instance a uidNumber are being duplicated, or that the other supplier is assigning a uidNumebr that is already present on the other supplier replica?


Can you please provide the DNA config from both replicas, and the shared config entries?


Thanks,

Mark

I've cranked the error log level up, but I don't get anything in the logs that is helpful in determining why that validation is not working correctly. 

# ansible-managed-uidnumber-generation, Distributed Numeric Assignment Plugin,
 plugins, config
dn: cn=ansible-managed-uidnumber-generation,cn=Distributed Numeric Assignment
 Plugin,cn=plugins,cn=config
objectClass: top
objectClass: dnaPluginConfig
cn: ansible-managed-uidnumber-generation
dnaType: uidNumber
dnaNextValue: 62009
dnaMaxValue: 131000
dnaMagicRegen: generate
dnaFilter: (objectclass=posixAccount)
dnaScope: ou=Accounts,dc=example,dc=edu
dnaSharedCfgDN: ou=ranges,ou=Accounts,dc=example,dc=edu

I'm stumped. Anyone have any direction on how to debug this further?

Thanks!
Todd

_______________________________________________  389-users mailing list -- 389-users@lists.fedoraproject.org  To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org  Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/  List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines  List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org  Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue  
--   Directory Server Development Team

No comments:

Post a Comment