Thanks for the reply David.<br><br>>> 1. How can I find out which system(s) is/are master, consumer, hub, etc?<br>
>>>>You should be able to determine the role of the Directory Server for each<br>
>>>>system by logging into the LDAP console under<br>
>>>>"Configuration->Replication". The role is either "Single Master", "Hub" or<br>
>>>>"Dedicated Consumer".<br><br>I was able to determine that we have two "Multiple Master" systems. Let's call them 'A' and 'B'. System A has been the only system running for what appears to be several years (it is being backed up nightly). System B has been off for some time but is running now.<br>
<br>
>> 2. How do I confirm that the systems have the correct credentials for<br>
replication? (I am receiving: "Unable to acquire replica: Permission<br>
denied.")<br>
a. How can I change the bind dn "cn=replication,cn=config" credentials<br>
on each system to ensure replication will work?<br>
>>>>You can do that on the console as well. Just navigate down the directory<br>
>>>>tree and manually reset the password for the replication user account.<br>
>>>>There's a possibility that your replication user account's password expired.<br><br>I can navigate to the screen to reset the password for the replication user account. I have not reset the passwords yet as I am reading documentation to confirm that system B will simply update it's data to system A's upon resuming replication.<br>
<br>
>> 3. I assume that upon repairing replication (apparently it has not been<br>
working for several years) the systems will all replicate to the most<br>
recent information. Correct?<br>
>>>>I think that's the tricky part. Make sure you backup your directory on all<br>
>>>>the LDAP first so you have something to roll back. I *believe* the last<br>
>>>>step when setting up replication is initializing the directory and that<br>
>>>>will wipe out directory on the other LDAP. Someone on the list might be<br>
>>>>able to provide a better on this but I am just giving you a heads up that<br>
>>>>this can be a complicated process.<br><br>Given the fact that system B has not been running for some time, ideally it would simply replicate to the current data on system A. After replication is reestablished the systems are set up to "Always keep directories in sync". If anyone can confirm the behavior that will occur upon replication on these two systems it would be greatly appreciated.<br>
<br>Thanks in advance,<br><br>Herb<br><br><br>
<div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
------------------------------<br>
<br>
Message: 2<br>
Date: Thu, 22 Mar 2012 10:40:34 -0400<br>
From: Chun Tat David Chu <<a href="mailto:beyonddc.storage@gmail.com">beyonddc.storage@gmail.com</a>><br>
To: "General discussion list for the 389 Directory server project."<br>
<<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a>><br>
Subject: Re: [389-users] Repair replication<br>
Message-ID:<br>
<<a href="mailto:CANCf8oLYKet99sB_ou4U3CER8U89UgwZhGUBTHekcF9HWNKL9g@mail.gmail.com">CANCf8oLYKet99sB_ou4U3CER8U89UgwZhGUBTHekcF9HWNKL9g@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="iso-8859-1"<br>
<br>
Hey Herb,<br>
<br>
You should refer to the Red Hat Directory Server administration guide for<br>
detail about setting up replication which you can locate in here.<br>
<a href="http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/" target="_blank">http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/</a><br>
<br>
>> 1. How can I find out which system(s) is/are master, consumer, hub, etc?<br>
You should be able to determine the role of the Directory Server for each<br>
system by logging into the LDAP console under<br>
"Configuration->Replication". The role is either "Single Master", "Hub" or<br>
"Dedicated Consumer".<br>
<br>
>> 2. How do I confirm that the systems have the correct credentials for<br>
replication? (I am receiving: "Unable to acquire replica: Permission<br>
denied.")<br>
a. How can I change the bind dn "cn=replication,cn=config" credentials<br>
on each system to ensure replication will work?<br>
You can do that on the console as well. Just navigate down the directory<br>
tree and manually reset the password for the replication user account.<br>
There's a possibility that your replication user account's password expired.<br>
<br>
>> 3. I assume that upon repairing replication (apparently it has not been<br>
working for several years) the systems will all replicate to the most<br>
recent information. Correct?<br>
I think that's the tricky part. Make sure you backup your directory on all<br>
the LDAP first so you have something to roll back. I *believe* the last<br>
step when setting up replication is initializing the directory and that<br>
will wipe out directory on the other LDAP. Someone on the list might be<br>
able to provide a better on this but I am just giving you a heads up that<br>
this can be a complicated process.<br>
<br>
Good luck<br>
<br>
- David<br>
<br>
2012/3/21 Herb Burnswell <<a href="mailto:herbert.burnswell@gmail.com">herbert.burnswell@gmail.com</a>><br>
<br>
> Hi All,<br>
><br>
> I'm new to LDAP administration and have been tasked with fixing the system<br>
> replication of 4 Linux systems running Fedora Directory Services. I am<br>
> very comfortable working with Linux/Unix but am not experienced with LDAP.<br>
> I've been reading the communications from this user group and reading as<br>
> much as I can from documentation. I believe this environment is not too<br>
> complex but I am looking for some guidance, any assistance is greatly<br>
> appreciated.<br>
><br>
> Info:<br>
><br>
> OS: Fedora Core 4<br>
> LDAP: Fedora Directory Server v 7.1<br>
><br>
> First, I know that both the systems and FDS versions are ancient.<br>
> However, at this point I need to get the replication working prior to<br>
> putting together a migration plan. I have access to the Directory Manager<br>
> console and am comfortable running command line commands as well. Either<br>
> way is fine.<br>
><br>
> Questions:<br>
><br>
> 1. How can I find out which system(s) is/are master, consumer, hub, etc?<br>
><br>
> 2. How do I confirm that the systems have the correct credentials for<br>
> replication? (I am receiving: "Unable to acquire replica: Permission<br>
> denied.")<br>
> a. How can I change the bind dn "cn=replication,cn=config" credentials<br>
> on each system to ensure replication will work?<br>
><br>
> 3. I assume that upon repairing replication (apparently it has not been<br>
> working for several years) the systems will all replicate to the most<br>
> recent information. Correct?<br>
><br>
> Again, any guidance is greatly appreciated.<br>
><br>
> Thanks in advance,<br>
><br>
> Herb<br>
><br>
> --<br>
> 389 users mailing list<br>
> <a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
> <a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br>
><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.fedoraproject.org/pipermail/389-users/attachments/20120322/edfe5e8f/attachment-0001.html" target="_blank">http://lists.fedoraproject.org/pipermail/389-users/attachments/20120322/edfe5e8f/attachment-0001.html</a>><br>
<br></blockquote></div>