Yes.... Sorry should have been xxx2.stag.cle.usRe: [389-users] Setting
up multi master replication error 81
ok, try this:
/usr/lib64/mozldap/ldapsearch -h xxx.stag.cle.us -p 636 -Z -P
/etc/dirsrv/slapd-xxx/cert8.db -s base -b "" "objectclass=*"
Could it be firewall related? You have to allow port 636 to use LDAPS
(TLS/SSL encryption with LDAPS)
*From:*Rich Megginson [mailto:rmeggins@redhat.com]
*Sent:* Wednesday, August 31, 2011 3:32 PM
*To:* General discussion list for the 389 Directory server project.
*Cc:* David Hoskinson
*Subject:* Re: [389-users] Setting up multi master replication error 81
On 08/31/2011 01:30 PM, David Hoskinson wrote:
Not sure if there is a better way but will run through it...
Agreement name
Name: xxx
Description: xxx.stag.cle.us
Next
Supplier = server A:389
Consumer = server B:636
Are you using the FQDN for server B?
Use TLS/SSL (TLS?SSL encryption with LDAPS
Simple
Bind as cn=Replication Manager,cn=config
Password: replication password
Next
Select replication criteria.... Attributes unchecked
Next
Provide schedule Information
Always keep directories in sync
Next
Select one of the following
Initialize consume now
Done
Fails with unable to contact ldap
*From:*Rich Megginson [mailto:rmeggins@redhat.com]
*Sent:* Wednesday, August 31, 2011 3:21 PM
*To:* General discussion list for the 389 Directory server project.
*Cc:* David Hoskinson
*Subject:* Re: [389-users] Setting up multi master replication error 81
On 08/31/2011 01:05 PM, David Hoskinson wrote:
I was able to run this command on both machines with similar results.
From server A I pointed the script at server A fqdn and server b fqdn
and returned results. I then did the same thing on server b with both
fqdn. It seems to me from what I am seeing is that the protocols are
supported and correct and there is a possible "trust" issue going on here?
Can you post your replication agreement entries?
[root@xxx ~]# /usr/lib64/mozldap/ldapsearch -h xxx.stag.cle.us -ZZZ -P
/etc/dirsrv/slapd-xxx/cert8.db -s base -b "" "objectclass=*"
version: 1
dn:
objectClass: top
namingContexts: dc=stag,dc=cle,dc=us
supportedExtension: 2.16.840.1.113730.3.5.7
supportedExtension: 2.16.840.1.113730.3.5.8
supportedExtension: 2.16.840.1.113730.3.5.10
supportedExtension: 2.16.840.1.113730.3.5.3
supportedExtension: 2.16.840.1.113730.3.5.12
supportedExtension: 2.16.840.1.113730.3.5.5
supportedExtension: 2.16.840.1.113730.3.5.6
supportedExtension: 2.16.840.1.113730.3.5.9
supportedExtension: 2.16.840.1.113730.3.5.4
supportedExtension: 1.3.6.1.4.1.1466.20037
supportedExtension: 1.3.6.1.4.1.4203.1.11.1
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 2.16.840.1.113730.3.4.3
supportedControl: 2.16.840.1.113730.3.4.4
supportedControl: 2.16.840.1.113730.3.4.5
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 2.16.840.1.113730.3.4.9
supportedControl: 2.16.840.1.113730.3.4.16
supportedControl: 2.16.840.1.113730.3.4.15
supportedControl: 2.16.840.1.113730.3.4.17
supportedControl: 2.16.840.1.113730.3.4.19
supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1
supportedControl: 1.3.6.1.4.1.42.2.27.9.5.2
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.3.6.1.4.1.4203.666.5.16
supportedControl: 2.16.840.1.113730.3.4.14
supportedControl: 2.16.840.1.113730.3.4.20
supportedControl: 1.3.6.1.4.1.1466.29539.12
supportedControl: 2.16.840.1.113730.3.4.12
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.13
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: ANONYMOUS
supportedSASLMechanisms: DIGEST-MD5
supportedLDAPVersion: 2
supportedLDAPVersion: 3
vendorName: 389 Project
vendorVersion: 389-Directory/1.2.8.3 B2011.122.1636
dataversion: 020110831163410
netscapemdsuffix: cn=ldap://dc=xxx,dc=stag,dc=cle,dc=us:389
David Hoskinson | *DATATRAK*International
Systems Engineer
Mayfield Heights, Ohio, USA
+1.440.443.0082 x 124 (p) | +1.216.280.5457 (m)
david.hoskinson(a)datatrak.net <mailto:david.hoskinson@datatrak.net> |
www.datatrak.net <
http://www.datatrak.net/>
--
389 users mailing list
389-users(a)lists.fedoraproject.org <mailto:389-users@lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org <mailto:389-users@lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users