Thanks Rich. So to modify an existing replication agreement and add some
attribute exclusions, could I do something like the following:
create the .ldif below and add it each supplier agreement using ldapmodify?
dn: cn="Replication to
p-ldap-isvr02.example.com",cn=replica,cn="dc=example,dc=com",cn=mapping
tree,cn=config
changetype: modify
replace: nsds5replicatedattributelist
nsds5replicatedattributelist: (objectclass=*) $ EXCLUDE accountunlocktime
passwordretrycount retrycountresettime memberof
Would each consumer need to be re-initialized after making a change like
this?
Thanks,
Stephen
**
On Thu, Mar 10, 2011 at 8:04 AM, Rich Megginson <rmeggins(a)redhat.com> wrote:
On 03/09/2011 10:34 PM, Stephen Agar wrote:
In my previous reading it seemed like fractional replication wasn't
possible in a multi-master environment. Statements like this from the
administrators guide: "Fractional replication can only be done where the
consumer is a read-only replica" are what i'm referring to. Am I
misunderstanding what fractional replication is?
It is now supported in most cases. Please direct me to statements like the
above in our docs and I will fix them.
Thanks
On Wed, Mar 9, 2011 at 11:18 AM, Rich Megginson <rmeggins(a)redhat.com>wrote:
> On 03/09/2011 10:11 AM, Stephen Agar wrote:
>
> I've seen multiple different types of changes in there flagged as this
> issue.
> - Some was a custom "directory string" attribute, being change from value
> notActivated to activated
>
> I suppose this might be a problem if the schema were somehow different
> between the two servers, which could happen if you added the schema via a
> file and not via LDAP.
>
> - Some password account lockout attributes, resettime, etc.
>
> See
>
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-singl...
>
> - Most are modifications to the "memberof" attribute, which is set by the
> member plugin
>
> memberof should not be replicated - see
>
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-singl...
> there is an Important Note on that page about replicating memberof
>
> - Some are password changes
>
> I suppose this could be possible if the password policy is different on
> the supplier and the consumer
>
>
> In all cases that i've checked, the data seems to be correct and
> consistent across all 4 nodes.
>
> Thanks for any insight.
>
> --stephen
>
>
> On Tue, Mar 8, 2011 at 3:21 PM, Rich Megginson <rmeggins(a)redhat.com>wrote:
>
>> On 03/08/2011 11:17 AM, Stephen Agar wrote:
>>
>> I have a 4 server multi master replication setup going on. We get a lot
>> of errors like this:
>>
>> NSMMReplicationPlugin - agmt="cn="Replication to server""
(server:636):
>> Consumer failed to replay change (uniqueid
>> 2365a885-b85511df-ad54b6ca-51ecbecb, CSN 4d6ceae5000700010000): DSA is
>> unwilling to perform. Will retry later.
>>
>> I've used cl-dump on all four nodes to dump the logs and track these
>> down. However, all of the "offending" changes that say they
weren't made do
>> indeed seem to be applied on all 4 nodes.
>>
>> What are these changes? What operations, attributes, values, etc.
>>
>> Is there a command I can use to remove specific entries from the
>> changelog? In the past, i've just re-initialized nodes to get rid of these,
>> but that's certainly not the preferred way to do this.
>>
>> Thanks,
>> Stephen
>>
>>
>> --
>> 389 users mailing
list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>>
>>
>
>