[389-users] DSA unwilling to process update / Viewing contents of replication updates
Chris Phillips
chris at untrepid.com
Tue Jun 9 14:36:10 UTC 2009
Hi,
I've a cluster of boxes with replication form two multimasters to 6 read
only replicas. There appears to be a problem in the replication in that the
error logs state that the DSA is unwilling to process updates for a specific
user account, so the replication status in the idm just stays at saying it
started rather than completed. I could just delete the account and recreate
it, but as it's unfortunately *my* account (and is in this state *possibly*
because I was messing with the resetpasswordretrytime field (or something
very similarly named) which I get the impression is treated differently to
other fields) I'd like to avoid deleting the account.
To this end I'm hoping a suitable solution is to remove whatever the change
is that is trying to be pushed across, but I can't see any way with SSL
replication to see what the actual attributes it doesn't like are. Any way
to pull this straight out with ldapsearch or something? Any tips for
elegantly troubleshooting this in a heavily locked down environment would be
appreciated.
Thanks
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090609/95ea53d2/attachment.html>
More information about the 389-users
mailing list