On Oct 25, 2007, at 12:50 PM, Richard Megginson wrote:
> Timothy Hunt wrote:
>> I've taken over control of an FDS and an AD server which had been
>> set up before I got to it. I'm still fairly new to LDAP and related
>> things. I come from a unix background rather than windows.
>>
>> At some point, users put into FDS were replicated on the AD server
>> correctly. Subsequently, the flat "structure" of the users in FDS
>> was improved to be more hierarchical. However, new users added into
>> FDS are not being added into AD. I'm also not familiar enough with
>> AD to know where to see the OU structure that is present in FDS in
>> AD. I'm not even sure if AD would have that structure. I'm at a
>> bit of a loss as to how to start diagnosing where the problem is,
>> let alone fixing it.
>>
>> I've looked at
>> http://directory.fedoraproject.org/wiki/Howto:WindowsSync but as
>> that is focussed on setting it up initially, I'm not sure how much
>> of it applies.
>
> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/sync.html#2836267

Thanks, Richard,
As our AD server isn't yet being used, I decided to break the existing
sync agreement, wipe the users on the AD server, and start a new sync
agreement.
I've got "replication" logging set and I'm getting this in the FDS log
files:

[26/Oct/2007:14:15:38 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 191 seconds
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): State: backoff -> backoff
[26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV:
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: {replicageneration} 4693ce97000000010000
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: {replica 1 ldap://ds1.intraisp.com:389} 469ee73e000000010000 47223b23000000010000 47223b23
[26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV:
[26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV = null
[26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV is newer
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Trying secure slapi_ldap_init
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): binddn = CN=Administrator,CN=Users,DC=directory,DC=intraisp,DC=com, passwd = {DES}cwngvvY1zCw=
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Disconnected from the consumer
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Beginning linger on the connection
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): No linger on the closed conn
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 299 seconds

The "summary" tab of the AD sync agreement on FDS says:
Last update message: - LDAP error: Can't contact LDAP server: Error Code: 81
But I can connect to port 636 on the AD server from the RDS box
without a problem.
Can you connect to port 389 on the AD server? Is it possible you have
configured it to use port 636 but not to use SSL (or vice versa)?
Any suggestions?
Timothy