RE: [Fedora-directory-users] Replication problems
by Paul Clayton
David Boreham wROTE:
A 'dedicated consumer' can't replicate to another server (hence the
'dedicated' part).
Both servers need to be masters if you want two-way replication.
I am aware of that and if you had read the email I sent, it was
specified as such. I did finally get it working. I believe the problem
may have been the passwordexpirationtime attribute not being present.
cheers
________________________________
From: fedora-directory-users-bounces(a)redhat.com
[mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of David
Boreham
Sent: 23 May 2006 04:16 PM
To: General discussion list for the Fedora Directory server project.
Subject: Re: [Fedora-directory-users] Replication problems
Paul Clayton wrote:
I have one server running FD core 5 and the other FD core 4
Each server has the recommended product installed, and at this
point there is no issue.
What I am having is a replication problem. Initially I set
server A as the master and server B as a dedicated consumer.
A 'dedicated consumer' can't replicate to another server (hence the
'dedicated' part).
Both servers need to be masters if you want two-way replication.
--------------------------------------------------------
This e-mail and any attachments are confidential and may also be legally
privileged and/or copyright material of Intec Telecom Systems PLC (or its
affiliated companies). If you are not an intended or authorised recipient
of this e-mail or have received it in error, please delete it immediately
and notify the sender by e-mail. In such a case, reading, reproducing,
printing or further dissemination of this e-mail or its contents is strictly
prohibited and may be unlawful.
Intec Telecom Systems PLC does not represent or warrant that an attachment
hereto is free from computer viruses or other defects. The opinions
expressed in this e-mail and any attachments may be those of the author and
are not necessarily those of Intec Telecom Systems PLC.
17 years, 11 months
[Fedora-directory-users] Fedora Directory Server Console on Mac OS X
by Felipe Alfaro Solana
Hi!
Has anyone been able to make Fedora Directory Server console run on
Mac OS X 10.4? I copied the entire /opt/fedora-ds tree to my Mac, then
ran ./startconsole. The login wndow comes up but, after entering the
admin credentials, it just hangs while trying to authenticate against
the admin service. Curiously, while sniffing traffic, I can see a DNS
query for the admin service machine, but no more traffic just comes in
or out from the machine.
I've tried using JRE 1.4.2 and JRE 1.5.0 with no success.
Any ideas?
17 years, 11 months
[Fedora-directory-users] Replication problems
by Paul Clayton
I have one server running FD core 5 and the other FD core 4
Each server has the recommended product installed, and at this point there is no issue.
What I am having is a replication problem. Initially I set server A as the master and server B as a dedicated consumer. The initialization worked fine from A to B and replication worked fine. I then set both servers as multi masters, and created the necessary agreements.
Server A to B replication worked but not from B to A. It failed with a permissions issue. I later tracked this down to the passwod expiration being missing, bu then I hit another issue, in that neither server would accept the replication issueing a an error code 1 saying incremental failed, and no such replica.
Extract from the log on the Server A
[23/May/2006:13:39:31 +0200] NSMMReplicationPlugin - agmt="cn=Keeper" (keeper:389): Unable to acquire replica: there is no replicated area "dc=domain,dc
=com" on the consumer server. Replication is aborting.
[23/May/2006:13:39:31 +0200] NSMMReplicationPlugin - agmt="cn=Keeper" (keeper:389): Incremental update failed and requires administrator action
Extract from log on Server B
[23/May/2006:13:36:18 +0200] NSMMReplicationPlugin - conn=8 op=3 replica="unknown": Unable to acquire replica: error: no such replica
I remember seeing this same problem on iPlanet some years back, and the only fix was to clear all replication agreements, and re-install the secondary. Seems the same issue is still around.
I have read the manual from top to bottom on replication, and cannot find anything wrong.
Anyone come across this.
Regards
Paul Clayton
--------------------------------------------------------
This e-mail and any attachments are confidential and may also be legally
privileged and/or copyright material of Intec Telecom Systems PLC (or its
affiliated companies). If you are not an intended or authorised recipient
of this e-mail or have received it in error, please delete it immediately
and notify the sender by e-mail. In such a case, reading, reproducing,
printing or further dissemination of this e-mail or its contents is strictly
prohibited and may be unlawful.
Intec Telecom Systems PLC does not represent or warrant that an attachment
hereto is free from computer viruses or other defects. The opinions
expressed in this e-mail and any attachments may be those of the author and
are not necessarily those of Intec Telecom Systems PLC.
17 years, 11 months
[Fedora-directory-users] consumer replica without update referrals?
by George Holbert
I'd like to set up a read-only consumer that never returns referrals to
a writable master server. Basically, any write requests that aren't
replication updates would just be dropped.
It doesn't look like there is an analogous setting for this in the
suffix-level "nsslapd-state" variable. The closest thing is "referral
on update" (default consumer behavior).
Then there is the "nsslapd-readonly" attribute, but I think this would
also disable updates from the master replica.
One way would be to set a bogus suffix referral, so that client updates
are referred to a non-existent server. Does anyone have a more elegant
solution?
Thank you!
-- George
17 years, 11 months
[Fedora-directory-users] pam-ldap / multiple ldap servers Bug? or Feature with pam_ldap?
by DeMarco, Dennis
I've ran into an interesting pam_ldap issue.
In my /etc/ldap.conf for pam I have two servers:
uri ldaps://ldap04.example.com ldaps://ldap03.example.com
ldap04.example.com ran out of file descriptors, we had cron restart
services at night, and cron ulimit was 1024, even though
/etc/sercurity/limits.conf had been raised.
The problem pam_ldap did not fail over to ldap03.example.com. LDAP04
still answered, even though it replied with Not listening for new
connections - too many fds open then closed connection. Pam ldap was
still trying to pin against this server.
Does anyone have any suggestions of a 'fix' for this feature?
Thanks,
Dennis
This message (including any attachments)
contains confidential information intended for a
specific individual and purpose, and is protected
by law. If you are not the intended recipient, you
should delete this message. Any disclosure,
copying, or distribution of this message, or the
taking of any action based on it, is strictly
prohibited.
17 years, 11 months
[Fedora-directory-users] force password change from web apps
by Mikael Kermorgant
Hello,
I'm testing FDS as authentication backend for some apps like
squirrelmail, plone, ...
I'd like to use "Password Change after Reset" for newly created users
but they should be able to modify this password via squirrelmail or
plone.
Is it possible to use the "passwordgracelimit" in order to let them
connect for the first time ?
What parameter could I use from these apps to know I have to force the
logged user to change his password ? Is it passwordexpirationtime ?
Thanks in advance,
--
Mikael Kermorgant
17 years, 11 months
[Fedora-directory-users] New User....fields!
by Alex aka Magobin
Hello,
when I setup a new user with console..I have in left panel default
object class (User,Languages,NT User, Posix User).
Now that I have imported qmail.schema how can I setup for all new entry
my default windows?..
Is it possible that when I have to setup a new entry I have a window
with on the left qmailgroup too...so that I have not to click on
'Advanced mode' and, for every user add qmailgroup value and
AlternateMailAddress attribute.
Alex
17 years, 11 months
[Fedora-directory-users] adding users
by Steve Strong
OK, I'm a newbie, but it seems that now that I've migrated all of my
users that I need to learn how to add users (ya think?) There must be
an underlying unix account, right? how do you add one unix account to
the fedora ldap directory?
steve
--
Steve Strong
Math and Computer Science
Washington High School
2205 Forest Dr. SE
Cedar Rapids, IA 52403
http://crwash.org
mailto:strong.s@crwash.org
17 years, 11 months