[389-users] Setting up multi master replication error 81
David Hoskinson
david.hoskinson at datatrak.net
Wed Aug 31 19:48:40 UTC 2011
[root at xxx slapd-adm302]# /usr/lib64/mozldap/ldapsearch -h xxx.stag.cle.us -p 636 -Z -P /etc/dirsrv/slapd-xxx/cert8.db -s base -b "" "objectclass=*"
version: 1
dn:
objectClass: top
namingContexts: dc=stag,dc=cle,dc=us
namingContexts: o=netscaperoot
supportedExtension: 2.16.840.1.113730.3.5.7
supportedExtension: 2.16.840.1.113730.3.5.8
supportedExtension: 2.16.840.1.113730.3.5.10
supportedExtension: 2.16.840.1.113730.3.5.3
supportedExtension: 2.16.840.1.113730.3.5.12
supportedExtension: 2.16.840.1.113730.3.5.5
supportedExtension: 2.16.840.1.113730.3.5.6
supportedExtension: 2.16.840.1.113730.3.5.9
supportedExtension: 2.16.840.1.113730.3.5.4
supportedExtension: 1.3.6.1.4.1.1466.20037
supportedExtension: 1.3.6.1.4.1.4203.1.11.1
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 2.16.840.1.113730.3.4.3
supportedControl: 2.16.840.1.113730.3.4.4
supportedControl: 2.16.840.1.113730.3.4.5
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 2.16.840.1.113730.3.4.9
supportedControl: 2.16.840.1.113730.3.4.16
supportedControl: 2.16.840.1.113730.3.4.15
supportedControl: 2.16.840.1.113730.3.4.17
supportedControl: 2.16.840.1.113730.3.4.19
supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1
supportedControl: 1.3.6.1.4.1.42.2.27.9.5.2
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.3.6.1.4.1.4203.666.5.16
supportedControl: 2.16.840.1.113730.3.4.14
supportedControl: 2.16.840.1.113730.3.4.20
supportedControl: 1.3.6.1.4.1.1466.29539.12
supportedControl: 2.16.840.1.113730.3.4.12
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.13
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: ANONYMOUS
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: CRAM-MD5
supportedLDAPVersion: 2
supportedLDAPVersion: 3
vendorName: 389 Project
vendorVersion: 389-Directory/1.2.8.3 B2011.122.1636
dataversion: 020110830132535020110830132535
netscapemdsuffix: cn=ldap://dc=xxx,dc=stag,dc=cle,dc=us:389
I see what you are trying here, but still seems to be passing
From: Rich Megginson [mailto:rmeggins at redhat.com]
Sent: Wednesday, August 31, 2011 3:42 PM
To: General discussion list for the 389 Directory server project.
Cc: David Hoskinson
Subject: Re: [389-users] Setting up multi master replication error 81
On 08/31/2011 01:34 PM, David Hoskinson wrote:
Yes.... Sorry should have been xxx2.stag.cle.usRe: [389-users] Setting up multi master replication error 81
ok, try this:
/usr/lib64/mozldap/ldapsearch -h xxx.stag.cle.us -p 636 -Z -P /etc/dirsrv/slapd-xxx/cert8.db -s base -b "" "objectclass=*"
Could it be firewall related? You have to allow port 636 to use LDAPS (TLS/SSL encryption with LDAPS)
From: Rich Megginson [mailto:rmeggins at redhat.com]
Sent: Wednesday, August 31, 2011 3:32 PM
To: General discussion list for the 389 Directory server project.
Cc: David Hoskinson
Subject: Re: [389-users] Setting up multi master replication error 81
On 08/31/2011 01:30 PM, David Hoskinson wrote:
Not sure if there is a better way but will run through it...
Agreement name
Name: xxx
Description: xxx.stag.cle.us
Next
Supplier = server A:389
Consumer = server B:636
Are you using the FQDN for server B?
Use TLS/SSL (TLS?SSL encryption with LDAPS
Simple
Bind as cn=Replication Manager,cn=config
Password: replication password
Next
Select replication criteria.... Attributes unchecked
Next
Provide schedule Information
Always keep directories in sync
Next
Select one of the following
Initialize consume now
Done
Fails with unable to contact ldap
From: Rich Megginson [mailto:rmeggins at redhat.com]
Sent: Wednesday, August 31, 2011 3:21 PM
To: General discussion list for the 389 Directory server project.
Cc: David Hoskinson
Subject: Re: [389-users] Setting up multi master replication error 81
On 08/31/2011 01:05 PM, David Hoskinson wrote:
I was able to run this command on both machines with similar results. From server A I pointed the script at server A fqdn and server b fqdn and returned results. I then did the same thing on server b with both fqdn. It seems to me from what I am seeing is that the protocols are supported and correct and there is a possible "trust" issue going on here?
Can you post your replication agreement entries?
[root at xxx ~]# /usr/lib64/mozldap/ldapsearch -h xxx.stag.cle.us -ZZZ -P /etc/dirsrv/slapd-xxx/cert8.db -s base -b "" "objectclass=*"
version: 1
dn:
objectClass: top
namingContexts: dc=stag,dc=cle,dc=us
supportedExtension: 2.16.840.1.113730.3.5.7
supportedExtension: 2.16.840.1.113730.3.5.8
supportedExtension: 2.16.840.1.113730.3.5.10
supportedExtension: 2.16.840.1.113730.3.5.3
supportedExtension: 2.16.840.1.113730.3.5.12
supportedExtension: 2.16.840.1.113730.3.5.5
supportedExtension: 2.16.840.1.113730.3.5.6
supportedExtension: 2.16.840.1.113730.3.5.9
supportedExtension: 2.16.840.1.113730.3.5.4
supportedExtension: 1.3.6.1.4.1.1466.20037
supportedExtension: 1.3.6.1.4.1.4203.1.11.1
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 2.16.840.1.113730.3.4.3
supportedControl: 2.16.840.1.113730.3.4.4
supportedControl: 2.16.840.1.113730.3.4.5
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 2.16.840.1.113730.3.4.9
supportedControl: 2.16.840.1.113730.3.4.16
supportedControl: 2.16.840.1.113730.3.4.15
supportedControl: 2.16.840.1.113730.3.4.17
supportedControl: 2.16.840.1.113730.3.4.19
supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1
supportedControl: 1.3.6.1.4.1.42.2.27.9.5.2
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.3.6.1.4.1.4203.666.5.16
supportedControl: 2.16.840.1.113730.3.4.14
supportedControl: 2.16.840.1.113730.3.4.20
supportedControl: 1.3.6.1.4.1.1466.29539.12
supportedControl: 2.16.840.1.113730.3.4.12
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.13
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: ANONYMOUS
supportedSASLMechanisms: DIGEST-MD5
supportedLDAPVersion: 2
supportedLDAPVersion: 3
vendorName: 389 Project
vendorVersion: 389-Directory/1.2.8.3 B2011.122.1636
dataversion: 020110831163410
netscapemdsuffix: cn=ldap://dc=xxx,dc=stag,dc=cle,dc=us:389
David Hoskinson | DATATRAK International
Systems Engineer
Mayfield Heights, Ohio, USA
+1.440.443.0082 x 124 (p) | +1.216.280.5457 (m)
david.hoskinson at datatrak.net<mailto:david.hoskinson at datatrak.net> | www.datatrak.net<http://www.datatrak.net/>
--
389 users mailing list
389-users at lists.fedoraproject.org<mailto:389-users at lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users at lists.fedoraproject.org<mailto:389-users at lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users at lists.fedoraproject.org<mailto:389-users at lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110831/52510758/attachment.html>
More information about the 389-users
mailing list