/usr/share/ipa/updates/20-syncrepl.update is in freeipa-server 4.7.0~pre1+git20180411-2ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | # Enable Retro changelog - it is necessary for SyncRepl
dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
only:nsslapd-pluginEnabled: on
# Remember original nsuniqueid for objects referenced from cn=changelog
add:nsslapd-attribute: nsuniqueid:targetUniqueId
add:nsslapd-changelogmaxage: 2d
add:nsslapd-include-suffix: cn=dns,$SUFFIX
# Keep memberOf and referential integrity plugins away from cn=changelog.
# It is necessary for performance reasons because we don't have appropriate
# indices for cn=changelog.
dn: cn=MemberOf Plugin,cn=plugins,cn=config
add:memberofentryscope: $SUFFIX
add:memberofentryscopeexcludesubtree: cn=compat,$SUFFIX
add:memberofentryscopeexcludesubtree: cn=provisioning,$SUFFIX
add:memberofentryscopeexcludesubtree: cn=topology,cn=ipa,cn=etc,$SUFFIX
dn: cn=referential integrity postoperation,cn=plugins,cn=config
add:nsslapd-plugincontainerscope: $SUFFIX
add:nsslapd-pluginentryscope: $SUFFIX
add:nsslapd-pluginExcludeEntryScope: cn=provisioning,$SUFFIX
# Enable SyncRepl
dn: cn=Content Synchronization,cn=plugins,cn=config
only:nsslapd-pluginEnabled: on
# Make sure IPA UUID does not generate ipaUniqueID for Stage/Delete entries
dn: cn=IPA Unique IDs,cn=IPA UUID,cn=plugins,cn=config
add:ipaUuidExcludeSubtree: cn=provisioning,$SUFFIX
|