Le 05/09/2022 à 21:36, Nico Kadel-Garcia a écrit : > On Mon, Sep 5, 2022 at 5:25 AM lejeczek via CentOS-devel > <centos-devel at centos.org> wrote: >> Hi guys. >> >> This issue is almost a month old - could @devel please look into it. >> Also a personal comment - this does not look too good as this is not >> the first time IPA when deployed has this very kind of problems - >> something there where freeIPA team & Centos team(s) co-exists/operate >> seems broken - it would be great if you guys(everybody involved) >> could look into it as well. >> >> many thanks, L > Don't use FreeIPA? Re-inventing Samba, and deliberately disabling the > domain controller features in RHEL compiled Samba, has been one of the > silliest things Red Hat has done. I suspect they could have made > considerably more money and satisfied ore customers by simply > supporting Samba, on which sssd and FreeIPA rely, and avoid these > destabilizing wrappers on top of Samba functionality. And yes, I put > my time and my money where my mouth is and publish RPM building tools > for Samba releases for RHEL use with the domain controller enabled, > over at https://github.com/nkadel/samba4repo/ > > If your RPM database has gotten messed up for whatever reason, use this: > > rpm --rebuilddb > > That said, I'd double check you installed for accidental duplication > or partial deployments. > > rpm -qa --qf '%{name}.%{arch}\n' | sort | uniq -d > > And manually re-install the latest version of anything that shows up > which isn't a kernel, or one of those yucky, icky gnarly modular > packaged components. modular packages are their own nightmare > > Then I'd use: > > dnf clean all --enablerepo=* > dnf list extras > dnf update --no-best > > The "best" operation has gotten very confusing at times, especially as > CentOS is now "streaming" beta test platform rather than a production > release based platform, and peculiarities are likely to sneak in as > individual bits and pieces get updated out of sync. This can be > especially exacerbated if you have non-standard or third party dnf > channels. > > Frankly, I often turn off the "best" operation in /etc/dnf.conf > because it's problematic if you use personally built dnf channels as I > do for Samba work. > > Nico Kadel-Garcia Hi, I maintain for testing purposes a samba ad dc COPR repository for EL8 with all necessary src.rpm simply rebuilt with dc option enable : https://copr.fedorainfracloud.org/coprs/ligenix/enterprise-samba-AD-DC/ Jean-Marc