On Oct 25, 2007, at 12:50 PM, Richard Megginson wrote:

> Timothy Hunt wrote:
>> I've taken over control of an FDS and an AD server which had been
>> set up before I got to it. I'm still fairly new to LDAP and
>> related things. I come from a unix background rather than windows.
>>
>> At some point, users put into FDS were replicated on the AD server
>> correctly. Subsequently, the flat "structure" of the users in FDS
>> was improved to be more hierarchical. However, new users added
>> into FDS are not being added into AD. I'm also not familiar
>> enough with AD to know where to see the OU structure that is
>> present in FDS in AD. I'm not even sure if AD would have that
>> structure. I'm at a bit of a loss as to how to start diagnosing
>> where the problem is, let alone fixing it.
>>
>> I've looked at http://directory.fedoraproject.org/wiki/Howto:WindowsSync
>> but as that is focussed on setting it up
>> initially, I'm not sure how much of it applies.
> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/sync.html#2836267
>>
>> Thanks,

Richard,

As our AD server isn't yet being used, I decided to break the existing sync agreement, wipe the users on the AD server, and start a new sync agreement.

I've got "replication" logging set and I'm getting this in the FDS log files:

[26/Oct/2007:14:15:38 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 191 seconds
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): State: backoff -> backoff
[26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV:
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: {replicageneration} 4693ce97000000010000
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: {replica 1 ldap://ds1.intraisp.com:389} 469ee73e000000010000 47223b23000000010000 47223b23
[26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV:
[26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV = null
[26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV is newer
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Trying secure slapi_ldap_init
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): binddn = CN=Administrator,CN=Users,DC=directory,DC=intraisp,DC=com, passwd = {DES}cwngvvY1zCw=
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Disconnected from the consumer
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Beginning linger on the connection
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): No linger on the closed conn
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 299 seconds

The "summary" tab of the AD sync agreement on FDS says:

Last update message: - LDAP error: Can't contact LDAP server: Error Code: 81

But I can connect to port 636 on the AD server from the RDS box without a problem.

Any suggestions?

Timothy