Linux Admin wrote: > Richard, > I have tried disabling the pass-through on server 2 and unfortunately > I still can not replicate from 2 to 1. > Replications from 1 to 2 works fine. I had to manually create > NetscapeRoot on 2 initially, could be it that is created with > different set of attributes then on 1. > The error is 3. Permission denied. Make sure the user you are using as your supplier DN on server 1 exists on server 1 (and likewise for server 2). Try using ldapsearch from the command line - bind with your supplier DN and password - to see if you can use those credentials to search the suffix on both servers. > What else could it be. > Thanks for all your help. > > > > On 4/28/06, *Linux Admin* <sysadmin.linux at gmail.com > <mailto:sysadmin.linux at gmail.com>> wrote: > > Richard, > Thanks, let me try. I am surprised there is no documentation at > all on NetScape root replication. > You help is very much appricated > > > > > On 4/28/06, * Richard Megginson* <rmeggins at redhat.com > <mailto:rmeggins at redhat.com>> wrote: > > Linux Admin wrote: > > Richard, > > Thanks, this is very good. > > I do not want to really disable it right now, > I think you may need to disable it on the replica in order to make > replication work. > > I just want to have 2 way replication between Server 1 and > Server 2, > > and used authenticate against server1. I would then setup in > pluging > > authentication against both 1 and 2. Is this right way? > > Thank your very much for your time and advice. > > > > > > On 4/28/06, *Richard Megginson* < rmeggins at redhat.com > <mailto:rmeggins at redhat.com> > > <mailto: rmeggins at redhat.com <mailto:rmeggins at redhat.com>>> > wrote: > > > > Linux Admin wrote: > > > Folks, > > > Is it possible to set up multi-master replication of > NetscapeRoot > > > configuration directory. > > > I have tried and I can successfully initialize > subscribers from the > > > current configuration directory server. > > > However initialization of replication in opposite > direction fails. > > > > > > Server 1 current conf dir -> Server 2: rplication sucsfull > > > o=NetscapeRoot is populated > > > Server 1 current conf dir <- Server 2: rplication > failes with error: > > > Permission denied. Error code 3 > > Part of the problem is that, when you set up a second > instance, the > > installer automatically enables pass through > authentication for the > > console admin user, which allows that user to login as > > uid=admin,.....,o=NetscapeRoot on machines which do not have > > o=NetscapeRoot. So the first thing you need to do is to > disable the > > pass through auth plugin (console -> directory console -> > > Configuration > > -> Plug-ins -> Pass Through -> uncheck the Enable box - then > > restart the > > server. > > > > > > on Server 2 I had to manully create NetscapeRoot database. > > > What am I missing?. Is it "idiot prrof" feature? > > > > > > Thanks in advance for any help > > > SysLin > > > > > > > > > ------------------------------------------------------------------------ > > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com> > > <mailto: Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com>> > > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > <https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com> > > <mailto: Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com>> > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > > > ------------------------------------------------------------------------ > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060501/01103338/attachment.bin
