<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>I have set up 2 servers running the following versions of 389 Directory Server<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>389-adminutil-1.1.13-1.el5<o:p></o:p></p><p class=MsoNormal>389-admin-1.1.16-1.el5<o:p></o:p></p><p class=MsoNormal>389-dsgw-1.1.6-1.el5<o:p></o:p></p><p class=MsoNormal>389-ds-1.2.1-1.el5<o:p></o:p></p><p class=MsoNormal>389-ds-base-1.2.8.3-1.el5<o:p></o:p></p><p class=MsoNormal>389-admin-console-1.1.7-1.el5<o:p></o:p></p><p class=MsoNormal>389-console-1.1.4-1.el5<o:p></o:p></p><p class=MsoNormal>389-admin-console-doc-1.1.7-1.el5<o:p></o:p></p><p class=MsoNormal>389-ds-base-libs-1.2.8.3-1.el5<o:p></o:p></p><p class=MsoNormal>389-ds-console-1.2.5-1.el5<o:p></o:p></p><p class=MsoNormal>389-ds-console-doc-1.2.5-1.el5<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I have also enabled SSL and created the appropriate certs for each machine. I am able to set each machine as a client so I can test that from server A, I can log in to server A while being authenticated by server B and vice versa.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>The last problem that I seem to be having is setting up replication. I have enabled the changelog, created a replication account, and enabled replica. When I create my replication agreement on the userRoot, the supplier shows as server A port 389 and the consumer shows as server B 636. I am using Use TLS with ldaps, and simple bind with my replication account and password. I next leave enable fractional replication unchecked, always keep directories in sync and initialize consumer… this is on server A and done. I get the following error message. Consumer initialization has unsuccessfully completed. 
The error received by the replica is ’81 – LDAP error: Can’t contact LDAP server’<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I believe I am reading that in some manner the cacert.asc from server A has to be on server B and the cacert B has to be on server A, but I am not sure and am having problems with this.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Any help with this would be appreciated, and I can provide additional information if needed… <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black'>David Hoskinson | </span><b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:blue'>DATATRAK</span></b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:blue'> International</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black'><br>Systems Engineer<br>Mayfield Heights, Ohio, USA <br>+1.440.443.0082 x 124 (p</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>) | +1.319<span style='color:black'>.471.3689 (m)<br><a href="mailto:david.hoskinson@datatrak.net" title="blocked::mailto:anna.lyatkher@datatrak.net"><span style='color:blue'>david.hoskinson@datatrak.net</span></a> | <a href="http://www.datatrak.net/" title="blocked::http://www.datatrak.net/ http://www.datatrak.net/"><span style='color:blue'>www.datatrak.net</span></a></span></span><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>