Richard, Here is more detail error message
[01/May/2006:18:21:38 -0500] NSMMReplicationPlugin - agmt="cn=F04T02NET"
(serve01:1389): Unable to acquire replica: permission denied. The bind dn
"cn=replication manager,cn=config" does not have permission to supply
replication updates to the replica. Will retry later
On 5/1/06, Richard Megginson <rmeggins(a)redhat.com> wrote:
Linux Admin wrote:
> Richard,
> I have tried disabling the pass-through on server 2 and unfortunately
> I still can not replicate from 2 to 1.
> Replications from 1 to 2 works fine. I had to manually create
> NetscapeRoot on 2 initially, could be it that is created with
> different set of attributes then on 1.
> The error is 3. Permission denied.
Make sure the user you are using as your supplier DN on server 1 exists
on server 1 (and likewise for server 2). Try using ldapsearch from the
command line - bind with your supplier DN and password - to see if you
can use those credentials to search the suffix on both servers.
> What else could it be.
> Thanks for all your help.
>
>
>
> On 4/28/06, *Linux Admin* <sysadmin.linux(a)gmail.com
> <mailto:sysadmin.linux@gmail.com>> wrote:
>
> Richard,
> Thanks, let me try. I am surprised there is no documentation at
> all on NetScape root replication.
> You help is very much appricated
>
>
>
>
> On 4/28/06, * Richard Megginson* <rmeggins(a)redhat.com
> <mailto:rmeggins@redhat.com>> wrote:
>
> Linux Admin wrote:
> > Richard,
> > Thanks, this is very good.
> > I do not want to really disable it right now,
> I think you may need to disable it on the replica in order to
make
> replication work.
> > I just want to have 2 way replication between Server 1 and
> Server 2,
> > and used authenticate against server1. I would then setup in
> pluging
> > authentication against both 1 and 2. Is this right way?
> > Thank your very much for your time and advice.
> >
> >
> > On 4/28/06, *Richard Megginson* < rmeggins(a)redhat.com
> <mailto:rmeggins@redhat.com>
> > <mailto: rmeggins(a)redhat.com
<mailto:rmeggins@redhat.com>>>
> wrote:
> >
> > Linux Admin wrote:
> > > Folks,
> > > Is it possible to set up multi-master replication of
> NetscapeRoot
> > > configuration directory.
> > > I have tried and I can successfully initialize
> subscribers from the
> > > current configuration directory server.
> > > However initialization of replication in opposite
> direction fails.
> > >
> > > Server 1 current conf dir -> Server 2: rplication
sucsfull
> > > o=NetscapeRoot is populated
> > > Server 1 current conf dir <- Server 2: rplication
> failes with error:
> > > Permission denied. Error code 3
> > Part of the problem is that, when you set up a second
> instance, the
> > installer automatically enables pass through
> authentication for the
> > console admin user, which allows that user to login as
> > uid=admin,.....,o=NetscapeRoot on machines which do not
have
> > o=NetscapeRoot. So the first thing you need to do is to
> disable the
> > pass through auth plugin (console -> directory console ->
> > Configuration
> > -> Plug-ins -> Pass Through -> uncheck the Enable box -
then
> > restart the
> > server.
> > >
> > > on Server 2 I had to manully create NetscapeRoot
database.
> > > What am I missing?. Is it "idiot prrof" feature?
> > >
> > > Thanks in advance for any help
> > > SysLin
> > >
> > >
> >
>
------------------------------------------------------------------------
> > >
> > > --
> > > Fedora-directory-users mailing list
> > > Fedora-directory-users(a)redhat.com
> <mailto:Fedora-directory-users@redhat.com>
> > <mailto: Fedora-directory-users(a)redhat.com
> <mailto:Fedora-directory-users@redhat.com>>
> > >
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
> <
https://www.redhat.com/mailman/listinfo/fedora-directory-users>
> > >
> >
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users(a)redhat.com
> <mailto:Fedora-directory-users@redhat.com>
> > <mailto: Fedora-directory-users(a)redhat.com
> <mailto:Fedora-directory-users@redhat.com>>
> >
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >
> >
> >
> >
------------------------------------------------------------------------
>
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users(a)redhat.com
> <mailto:Fedora-directory-users@redhat.com>
> >
https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
> <mailto:Fedora-directory-users@redhat.com>
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users