Timothy Hunt wrote: > > On Oct 25, 2007, at 12:50 PM, Richard Megginson wrote: > >> Timothy Hunt wrote: >>> I've taken over control of an FDS and an AD server which had been >>> set up before I got to it. I'm still fairly new to LDAP and related >>> things. I come from a unix background rather than windows. >>> >>> At some point, users put into FDS were replicated on the AD server >>> correctly. Subsequently, the flat "structure" of the users in FDS >>> was improved to be more hierarchical. However, new users added into >>> FDS are not being added into AD. I'm also not familiar enough with >>> AD to know where to see the OU structure that is present in FDS in >>> AD. I'm not even sure if AD would have that structure. I'm at a >>> bit of a loss as to how to start diagnosing where the problem is, >>> let alone fixing it. >>> >>> I've looked at >>> http://directory.fedoraproject.org/wiki/Howto:WindowsSync but as >>> that is focussed on setting it up initially, I'm not sure how much >>> of it applies. >> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/sync.html#2836267 >>> >>> > > Thanks, Richard, > > As our AD server isn't yet being used, I decided to break the existing > sync agreement, wipe the users on the AD server, and start a new sync > agreement. > > I've got "replication" logging set and I'm getting this in the FDS log > files > > [26/Oct/2007:14:15:38 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): Replication session backing off for 191 seconds > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): State: backoff -> backoff > [26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV: > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: > {replicageneration} 4693ce97000000010000 > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: > {replica 1 ldap://ds1.intraisp.com:389} 469ee73e000000010000 > 47223b23000000010000 47223b23 > [26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV: > [26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV = null > [26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV is newer > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): Trying secure slapi_ldap_init > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): binddn = > CN=Administrator,CN=Users,DC=directory,DC=intraisp,DC=com, passwd = > {DES}cwngvvY1zCw= > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): Disconnected from the consumer > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): Beginning linger on the connection > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): No linger on the closed conn > [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" > (fs2:636): Replication session backing off for 299 seconds > > the "summary" tab of the AD sync agreement on FDS says > Last update message: - LDAP error: Can't contact LDAP server: Error > Code: 81 > > But I can connect to port 636 on the AD server from the RDS box > without a problem. Can you connect to port 389 on the AD server? Is it possible you have configured it to use port 636 but not to use SSL (or vice versa)? > > Any suggestions? > > Timothy > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071026/99f044c5/attachment.bin
