[Fedora-directory-users] replicating configuration directotry (NetscapeRoot)
Linux Admin
sysadmin.linux at gmail.com
Mon May 1 23:24:29 UTC 2006
both servers has this enty in dse.ldif under
/opt/fedora-ds/<server-name>/config
dn: cn=replication manager,cn=config
objectClass: inetorgperson
objectClass: person
objectClass: top
objectClass: organizationalPerson
cn: replication manager
sn: RM
userPassword:
passwordExpirationTime: 20380119031407Z
Is this sufficent?
On 5/1/06, Richard Megginson <rmeggins at redhat.com> wrote:
>
> Linux Admin wrote:
> > Richard,
> > I have tried disabling the pass-through on server 2 and unfortunately
> > I still can not replicate from 2 to 1.
> > Replications from 1 to 2 works fine. I had to manually create
> > NetscapeRoot on 2 initially, could be it that is created with
> > different set of attributes then on 1.
> > The error is 3. Permission denied.
> Make sure the user you are using as your supplier DN on server 1 exists
> on server 1 (and likewise for server 2). Try using ldapsearch from the
> command line - bind with your supplier DN and password - to see if you
> can use those credentials to search the suffix on both servers.
> > What else could it be.
> > Thanks for all your help.
> >
> >
> >
> > On 4/28/06, *Linux Admin* <sysadmin.linux at gmail.com
> > <mailto:sysadmin.linux at gmail.com>> wrote:
> >
> > Richard,
> > Thanks, let me try. I am surprised there is no documentation at
> > all on NetScape root replication.
> > You help is very much appricated
> >
> >
> >
> >
> > On 4/28/06, * Richard Megginson* <rmeggins at redhat.com
> > <mailto:rmeggins at redhat.com>> wrote:
> >
> > Linux Admin wrote:
> > > Richard,
> > > Thanks, this is very good.
> > > I do not want to really disable it right now,
> > I think you may need to disable it on the replica in order to
> make
> > replication work.
> > > I just want to have 2 way replication between Server 1 and
> > Server 2,
> > > and used authenticate against server1. I would then setup in
> > pluging
> > > authentication against both 1 and 2. Is this right way?
> > > Thank your very much for your time and advice.
> > >
> > >
> > > On 4/28/06, *Richard Megginson* < rmeggins at redhat.com
> > <mailto:rmeggins at redhat.com>
> > > <mailto: rmeggins at redhat.com <mailto:rmeggins at redhat.com>>>
> > wrote:
> > >
> > > Linux Admin wrote:
> > > > Folks,
> > > > Is it possible to set up multi-master replication of
> > NetscapeRoot
> > > > configuration directory.
> > > > I have tried and I can successfully initialize
> > subscribers from the
> > > > current configuration directory server.
> > > > However initialization of replication in opposite
> > direction fails.
> > > >
> > > > Server 1 current conf dir -> Server 2: rplication
> sucsfull
> > > > o=NetscapeRoot is populated
> > > > Server 1 current conf dir <- Server 2: rplication
> > failes with error:
> > > > Permission denied. Error code 3
> > > Part of the problem is that, when you set up a second
> > instance, the
> > > installer automatically enables pass through
> > authentication for the
> > > console admin user, which allows that user to login as
> > > uid=admin,.....,o=NetscapeRoot on machines which do not
> have
> > > o=NetscapeRoot. So the first thing you need to do is to
> > disable the
> > > pass through auth plugin (console -> directory console ->
> > > Configuration
> > > -> Plug-ins -> Pass Through -> uncheck the Enable box -
> then
> > > restart the
> > > server.
> > > >
> > > > on Server 2 I had to manully create NetscapeRoot
> database.
> > > > What am I missing?. Is it "idiot prrof" feature?
> > > >
> > > > Thanks in advance for any help
> > > > SysLin
> > > >
> > > >
> > >
> >
> ------------------------------------------------------------------------
> > > >
> > > > --
> > > > Fedora-directory-users mailing list
> > > > Fedora-directory-users at redhat.com
> > <mailto:Fedora-directory-users at redhat.com>
> > > <mailto: Fedora-directory-users at redhat.com
> > <mailto:Fedora-directory-users at redhat.com>>
> > > >
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > <https://www.redhat.com/mailman/listinfo/fedora-directory-users>
> > > >
> > >
> > >
> > > --
> > > Fedora-directory-users mailing list
> > > Fedora-directory-users at redhat.com
> > <mailto:Fedora-directory-users at redhat.com>
> > > <mailto: Fedora-directory-users at redhat.com
> > <mailto:Fedora-directory-users at redhat.com>>
> > >
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > >
> > >
> > >
> > >
> > >
> ------------------------------------------------------------------------
> >
> > >
> > > --
> > > Fedora-directory-users mailing list
> > > Fedora-directory-users at redhat.com
> > <mailto:Fedora-directory-users at redhat.com>
> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > >
> >
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > <mailto:Fedora-directory-users at redhat.com>
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20060501/46f6215f/attachment.html>
More information about the 389-users
mailing list