We currently have 4 way multi-master replication running over port 389 but I need to secure it. In looking at what we have now, it looks to me like I can't edit the existing replication agreements but will have to make all new replication agreements - is this correct?
I was looking at this doc https://www.centos.org/docs/5/html/CDS/ag/8.0/Managing_Replication-Configuri... to make sure I'm doing everything right and saw the highlighted note that says "Replication will not begin until the consumer is initialized". Do I need to initialize all of my ldap servers again, if they were in sync from the existing agreements?
thanks - EJ
We currently have 4 way multi-master replication running over port 389 but I need to secure it. In looking at what we have now, it looks to me like I can't edit the existing replication agreements but will have to make all new replication agreements - is this correct?
I was looking at this doc https://www.centos.org/docs/5/html/CDS/ag/8.0/Managing_Replication-Configuri... to make sure I'm doing everything right and saw the highlighted note that says "Replication will not begin until the consumer is initialized". Do I need to initialize all of my ldap servers again, if they were in sync from the existing agreements?
It would be so awesome if I could read - farther down the page it explicitly says that I do need to create new replication agreements, no editing what is already there.
On this note - is there a way to disable the existing replication agreement other than completely deleting it?
On 06/23/2014 02:43 PM, Elizabeth Jones wrote:
We currently have 4 way multi-master replication running over port 389 but I need to secure it. In looking at what we have now, it looks to me like I can't edit the existing replication agreements but will have to make all new replication agreements - is this correct?
You should be able to edit the existing agreements - what makes you think you cannot?
I was looking at this doc https://www.centos.org/docs/5/html/CDS/ag/8.0/Managing_Replication-Configuri... to make sure I'm doing everything right and saw the highlighted note that says "Replication will not begin until the consumer is initialized". Do I need to initialize all of my ldap servers again,
No.
if they were in sync from the existing agreements?
No. Using plain LDAP/SSL/TLS/whatever for authentication/transport makes no difference.
It would be so awesome if I could read - farther down the page it explicitly says that I do need to create new replication agreements, no editing what is already there.
? I sincerely hope you are not using the version of directory server that corresponds to that documentation, which appears to be centos-ds 8.0? What version of directory server are you using? rpm -q centos-ds-base rpm -q redhat-ds-base rpm -q 389-ds-base
On this note - is there a way to disable the existing replication agreement other than completely deleting it?
Yes, depending on what version you are using.
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org