Sorry for jumping in here (just joined the list) but it sounds like
your replication user is being blocked by an ACI that you have
applied. These could be explicit or inherited from a parent OU in the
tree.
Make sure your Replication User is not part of a ACI or make it part
of a new ACI that allows objectclass=* full permissions.
Sellers
On Dec 12, 2007, at 10:12 AM, Ryan Braun wrote:
On Tuesday 11 December 2007 11:42 pm, Rich Megginson wrote:
> startconsole -D -f console.log -
Below is the last 40 lines after the error. It looks like these 3
lines tell the story though
ReplicationAgreement.updateAgreementFromServer: unable to read the
replica number of changes from {host=infinity.xxx.ec.gc.ca}
{port=389} {authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
replica refresh attribute {host=infinity.xxx.ec.gc.ca} {port=389}
{authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
consumer initialization status attribute
(nsds5replicalastinitstatus) {host=infinity.xxx.ec.gc.ca} {port=389}
{authdn=cn=Directory Manager}
AgreementReader: start readAgreements()
AgreementReader: getFromServer()
Agreement Base DN: cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
Filter: |(objectclass=nsDS5ReplicationAgreement)
(objectclass=LDAPReplica)(objectclass=nsDSWindowsReplicationAgreement)
ReplicationAgreement.setOrigEntryDN: cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
ReplicationAgreement.setEntryDN: cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
ReplicationAgreement.setOrigEntryDN: cn=Replication to
xxxsrvr4
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
ReplicationAgreement.setEntryDN: cn=Replication to
xxxsrvr4
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
AgreementReader: end readAgreements()
ReplicaResourceObject.treeExpanded: this
ReplicationTool.verifyDM: authDN = <cn=Directory Manager>,
authPassword = <xxxxxxxx>
getMachineDataDN: returning cn=replication,cn=config
AgreementReader: start readAgreements()
AgreementReader: getFromServer()
Agreement Base DN: cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
Filter: |(objectclass=nsDS5ReplicationAgreement)
(objectclass=LDAPReplica)(objectclass=nsDSWindowsReplicationAgreement)
ReplicationAgreement.setOrigEntryDN: cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
ReplicationAgreement.setEntryDN: cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
ReplicationAgreement.setOrigEntryDN: cn=Replication to
xxxsrvr4
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
ReplicationAgreement.setEntryDN: cn=Replication to
xxxsrvr4
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
AgreementReader: end readAgreements()
Add MMR Node
Class is com.netscape.admin.dirserv.panel.replication.MMRAgreement
Add MMR Node
Class is com.netscape.admin.dirserv.panel.replication.MMRAgreement
ResourceSet:getString():Unable to resolve general-Apply-ttip
ResourceSet:getString():Unable to resolve general-Reset-ttip
ResourceSet:getString():Unable to resolve general-Help-ttip
ReplicationAgreement.updateAgreementFromServer: unable to read the
replica number of changes from {host=infinity.xxx.ec.gc.ca}
{port=389} {authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
replica refresh attribute {host=infinity.xxx.ec.gc.ca} {port=389}
{authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
consumer initialization status attribute
(nsds5replicalastinitstatus) {host=infinity.xxx.ec.gc.ca} {port=389}
{authdn=cn=Directory Manager}
BlankPanel.refresh:refreshed panel data. Class
com.netscape.admin.dirserv.panel.replication.AgreementInfoPanel
DSEntrySet.getAttributes(): read entry from DS:LDAPEntry:
cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config; LDAPAttributeSet:
DSEntrySet.getAttributes(): attributes for this entry:
[Ljava.lang.String;@1a28362
DSEntrySet.getAttributes(): failed to get attribute description in
cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config
DSEntrySet.show(): some of the attributes of cn=Replication to
xxxldap1
.xxx.ec.gc.ca,cn=replica,cn="dc=xxx,dc=ec,dc=gc,dc=ca",cn=mapping
tree,cn=config could not be read. Either they are not present in
the entry or there is an ACI which prevents that attribute from
being read. Try authenticating as a user with more access
DSUtil.reauthenticate: begin: ldc={host=infinity.xxx.ec.gc.ca}
{port=389} {authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
replica number of changes from {host=infinity.xxx.ec.gc.ca}
{port=389} {authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
replica refresh attribute {host=infinity.xxx.ec.gc.ca} {port=389}
{authdn=cn=Directory Manager}
ReplicationAgreement.updateAgreementFromServer: unable to read the
consumer initialization status attribute
(nsds5replicalastinitstatus) {host=infinity.xxx.ec.gc.ca} {port=389}
{authdn=cn=Directory Manager}
DSTabbedPanel.select:
com.netscape.admin.dirserv.panel.replication.AgreementPanel[,
0,0,605x468
,layout
=
java
.awt
.BorderLayout
,alignmentX
=
0.0
,alignmentY
=
0.0
,border
=
,flags
=
9
,maximumSize
=,minimumSize=java.awt.Dimension[width=1,height=1],preferredSize=]
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
---
Chris G. Sellers Lead Internet Engineer
National Institute for Technology & Liberal Ed.
535 West William Street, Ann Arbor, MI 48103
chris.sellers(a)nitle.org 734.661.2318