AD group/user sync question
by Vesa Alho
Hi,
I have now 389 to AD sync working (thanks Rich!). Another question
related to that.
There are currently two Windows sync agreements:
1. Users
ou=People,dc=domain,dc=com <==> cn=Users,dc=domain,dc=com
2. Projects
ou=Projects,ou=Groups,dc=domain,dc=com <==> ou=Projects,dc=domain,dc=com
Problem:
cn=Project1,ou=Projects,ou=Groups,dc=domain,dc=com has group members
defined like this:
...
uniqueMember: uid=user,ou=People,dc=domain,dc=com
...
I get the following replication error:
map_dn_values: this entry is not ours uid=user,ou=People,dc=domain,dc=com
I guess it means that I can't mix groups and users from different sync
agreements? How would I solve this scenario then?
Mr. Vesa Alho
10 years
How to make sure that all slave servers have the same data
by Fosiul Alam
Hi
I just wanted to know what's the best practice to make sure all slaves
have the same data as the master.
While reading on Google, I got the below command and also 1 script to
monitor LDAP replication status.
[root@blob]# ldapsearch -x -b "cn=mapping tree,cn=config" \
    -D "cn=Directory Manager" -w YOURPASSWORD \
    objectClass=nsDS5ReplicationAgreement nsds5replicaLastUpdateStatus -LL
I have checked this against our 6 slave servers and they all returned:
nsds5replicaLastUpdateStatus: 0 Incremental update succeeded
but still one of the slaves did not have the same data as the master;
after I reinitialised the slave replication, the data was OK.
So if I want to create a script to monitor slave replication status
and want to make sure that all slaves have the same data as the master,
what will be the best practice?
Thanks
Fosiul
10 years
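The status check from the post above, as an added example that is not part of the original message: it parses `ldapsearch -LL` output, including folded LDIF lines, and lists the agreements whose `nsds5replicaLastUpdateStatus` code is not 0. The sample output, the agreement names and the non-zero status text are constructed for illustration; as the post reports, a 0 status on its own did not guarantee identical data.

```python
import re

# Constructed sample of `ldapsearch -LL` output (agreement names are made up).
# The second entry has a folded DN line and a non-zero status.
SAMPLE_LDIF = """\
version: 1

dn: cn=to-slave1,cn=replica,cn=example,cn=mapping tree,cn=config
nsds5replicaLastUpdateStatus: 0 Incremental update succeeded

dn: cn=to-slave2,cn=replica,cn=example,cn=mapping tree,cn=conf
 ig
nsds5replicaLastUpdateStatus: 1 Can't acquire busy replica
"""


def unfold(ldif):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    return re.sub(r"\r?\n ", "", ldif)


def agreement_status(ldif):
    """Return [(dn, code, message)] for every entry carrying the status attribute."""
    results = []
    for block in re.split(r"\n\s*\n", unfold(ldif)):
        attrs = {}
        for line in block.splitlines():
            name, sep, value = line.partition(": ")
            if sep:
                attrs[name.lower()] = value  # attribute names are case-insensitive
        status = attrs.get("nsds5replicalastupdatestatus")
        if "dn" not in attrs or status is None:
            continue  # e.g. the "version: 1" header block
        m = re.match(r"(-?\d+)\s*(.*)", status)
        code = int(m.group(1)) if m else None  # None: unparseable, reported as failing
        results.append((attrs["dn"], code, m.group(2) if m else status))
    return results


def failing(ldif):
    """Agreements whose last update status code is anything other than 0."""
    return [r for r in agreement_status(ldif) if r[1] != 0]


if __name__ == "__main__":
    for dn, code, msg in failing(SAMPLE_LDIF):
        print(f"ALERT {dn}: {code} {msg}")
```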
invalid password syntax - passwords with storage scheme are not allowed
by Fosiul Alam
Hi Expert
We have 389 server installed with SSL enabled.
When we try to change a password from CentOS 5 servers it's fine, but
from CentOS 6, I get the below error:
Changing password for user testuser
Enter login(LDAP) password:
New password:
Retype new password:
LDAP password information update failed: Constraint violation
invalid password syntax - passwords with storage scheme are not allowed
passwd: Authentication token manipulation error
We have this in /etc/ldap.conf:
ssl start_tls
tls_cacertfile /etc/openldap/cert/ourcert.crt
pam_password clear
The same /etc/ldap.conf works fine in CentOS 5, but for CentOS 6 it looks
like it is not working.
What shall I do?
Thanks for help
10 years