On 06/23/2014 02:43 PM, Elizabeth Jones wrote:
> We currently have 4 way multi-master replication running over
port 389 but
> I need to secure it. In looking at what we have now, it looks to me like
> I can't edit the existing replication agreements but will have to make all
> new replication agreements - is this correct?
You should be able to edit the existing agreements - what makes you
think you cannot?
>
> I was looking at this doc
>
https://www.centos.org/docs/5/html/CDS/ag/8.0/Managing_Replication-Config...
> to make sure I'm doing everything right and saw the highlighted note that
> says "Replication will not begin until the consumer is initialized". Do I
> need to initialize all of my ldap servers again,
No.
> if they were in sync from
> the existing agreements?
No. Using plain LDAP/SSL/TLS/whatever for
authentication/transport
makes no difference.
>
It would be so awesome if I could read - farther down the page it
explicitly says that I do need to create new replication agreements, no
editing what is already there.
? I sincerely hope you are not using the version of
directory server
that corresponds to that documentation, which appears to be centos-ds 8.0?
What version of directory server are you using?
rpm -q centos-ds-base
rpm -q redhat-ds-base
rpm -q 389-ds-base
On this note - is there a way to disable the existing replication
agreement other than completely deleting it?
Yes, depending on what version you are using.
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users