[13/Mar/2012:11:31:12 -0400] NSMMReplicationPlugin - agmtlist_add_callback: Can't start agreement "cn=389-01 to analog-01v,cn=replica,cn=dc\3dMYDOMAIN\2c dc\3dcom,cn=mapping tree,cn=config"

Could you try removing the white space (by editing your dse.ldif)?
1. shutdown the server
2. edit /etc/dirsrv/slapd-YOURID/dse.ldif
   dn: cn=389 to analog,cn=replica,cn=dc\3DMYDOMAIN\2C dc\3Dcom,cn=mapping tree,cn=config
   ==>
   dn: cn=389 to analog,cn=replica,cn=dc\3DMYDOMAIN\2Cdc\3Dcom,cn=mapping tree,cn=config
3. restart the server

Looks like this:

 

[root@x-web-389-01 ~]# ldapsearch -xLLL -D "cn=directory manager" -W -b cn=config "cn=389 to analog"                                                                                            

Enter LDAP Password:

dn: cn=389 to analog,cn=replica,cn=dc\3DMYDOMAIN\2C dc\3Dcom,cn=mapping tree,cn=config

objectClass: top

objectClass: nsDS5ReplicationAgreement

description: x-web-389-01 to x-analog-01

cn: 389 to analog

nsDS5ReplicaRoot: dc=MYDOMAIN,dc=com

nsDS5ReplicaHost: x-analog-01.MYDOMAIN.com

nsDS5ReplicaPort: 389

nsDS5ReplicaBindDN: cn=repman,cn=config

nsDS5ReplicaTransportInfo: LDAP

nsDS5ReplicaBindMethod: SIMPLE

nsDS5ReplicaCredentials: {DES}/DnkVyIX/let6epFs+gfjw==

nsds50ruv: {replicageneration} 4eb7e52b000000010000

nsds50ruv: {replica 2 ldap://x-analog-01.MYDOMAIN.com:389} 4ec1600f000000020000 4ec29e53000000020000

nsds50ruv: {replica 1 ldap://x-web-389-01.MYDOMAIN.com:389} 4ec116e4000000010000 4f329c1c000100010000

nsruvReplicaLastModified: {replica 2 ldap://x-analog-01.MYDOMAIN.com:389} 00000000

nsruvReplicaLastModified: {replica 1 ldap://x-web-389-01.MYDOMAIN.com:389} 00000000

nsds5replicareapactive: 0

nsds5replicaLastUpdateStart: 0

nsds5replicaLastUpdateEnd: 0

nsds5replicaChangesSentSinceStartup:

nsds5replicaLastUpdateStatus: 0 No replication sessions started since server startup

nsds5replicaUpdateInProgress: FALSE

nsds5replicaLastInitStart: 0

nsds5replicaLastInitEnd: 0

 

 

 

From: Rich Megginson [mailto:rmeggins@redhat.com]
Sent: Tuesday, March 13, 2012 12:24 PM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform

 

On 03/13/2012 10:23 AM, mjames@guesswho.com wrote:

Sorry, forgot to send this to the list.

There appears to be something wrong with your replication agreement entry, but I have no idea what.  That information should be in the logs but it is not.  Can you post your replication agreement entry to the list?

ldapsearch -xLLL -D "cn=directory manager" -W -b cn=config "cn=389 to analog"

 

From: Michael James
Sent: Tuesday, March 13, 2012 12:13 PM
To: 'Rich Megginson'
Subject: RE: [389-users] LDAP server is unwilling to perform

 

That’s a big *IF* there… I did turn up the logging. Attached is the error log, trimmed to around the time that I tried to create the new replication agreement. Sorry about that.

 

From: Rich Megginson [mailto:rmeggins@redhat.com]
Sent: Tuesday, March 13, 2012 11:51 AM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform

 

On 03/13/2012 09:41 AM, mjames@guesswho.com wrote:

Pls see attached new console.log. Thanks.

If you follow the directions at http://port389.org/wiki/FAQ#Troubleshooting to enable the Replication log level, the extra information will be in the directory server errors log, not the console log - /var/log/dirsrv/slapd-INST/errors

 

Mike

 

From: Rich Megginson [mailto:rmeggins@redhat.com]
Sent: Monday, March 12, 2012 3:14 PM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform

 

On 03/12/2012 12:39 PM, mjames@guesswho.com wrote:

Pls. see attached. Thx.

Hmm - nothing to go on there - please turn on the Replication log level and reproduce the problem - then the errors log may contain more clues
http://port389.org/wiki/FAQ#Troubleshooting

 

Mike

 

From: Rich Megginson [mailto:rmeggins@redhat.com]
Sent: Monday, March 12, 2012 1:30 PM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform

 

On 03/12/2012 11:30 AM, mjames@guesswho.com wrote:

Thanks for your previous help. I built a new server, CentOS 6.2, added the epel-389-ds-base and epel repos, then installed 389-ds via yum. I ran setup-ds-admin.pl with the “Typical” setup option, user nobody, and registered with one of our existing configuration servers. I created the supplier bind DN on the new server per the installation docs.

 

At this point, I can’t establish a replication agreement. I open the 389-console on existing server and use the GUI to create a new replication agreement on userRoot. I accepted the defaults, entered the correct bind DN and password. At the end of the wizard, it fails with “LDAP server is unwilling to perform”. In the error log, I see one error. Any help is appreciated. Thanks, Mike

Can you run the console with -D 9 -f console.log, reproduce the problem, remove any sensitive information from console.log, and post console.log to this list?

 

[12/Mar/2012:13:26:46 -0400] NSMMReplicationPlugin - agmtlist_add_callback: Can't start agreement "cn=389 to analog-01v,cn=replica,cn=dc\3d<MY_DOMAIN>\2c dc\3dcom,cn=mapping tree,cn=config"

--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users

 

--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users

 

--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users

 

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users