IdM migration, adding a RHEL-7 replica to a RHEL-6 master fails with error unwilling to perform, modification of attribute nsds5replicabinddngroup is not allowed in replica entry

Solution In Progress - Updated -

Issue

While trying to upgrade from IdM RHEL-6 servers to IdM RHEL-7 servers, installing a RHEL-7 replica with the ipa-replica-install command to register against a RHEL-6 master fails with error

 [27/42]: setting up initial replication
  [error] UNWILLING_TO_PERFORM: {'info': 'modification of attribute nsds5replicabinddngroup is not allowed in replica entry', 'desc': 'Server is unwilling to perform'}

Environment

  • RHEL-6 IdM/IPA standalone master already configured and operational - ipa-server-3.0.0-50.el6_8.3.x86_64
  • RHEL-7 IdM/IPA replica to be configured, with
389-ds-base-1.3.5.10-11.el7.x86_64
ipa-server-4.4.0-14.el7_3.1.1.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content