J?r?me Fenal a ?crit : > 2009/10/8 Emmanuel BILLOT <emmanuel.billot at ird.fr>: > >> Hi, >> >> We use 389DS and AD with a Winsync method. >> Our LDAP DIT : >> * dc=toutou,dc=fr >> ** dc=orleans,dc=toutou,dc=fr >> *** ou=people,dc=orleans,dc=toutou,dc=fr >> *** ou=group,dc=orleans,dc=toutou,dc=fr >> ** dc=bondy,dc=toutou,dc=fr >> *** ou=people,dc=bondy,dc=toutou,dc=fr >> *** ou=group,dc=bondy,dc=toutou,dc=fr >> >> Our AD DIT : >> * dc=toutou,dc=org >> ** ou=orleans,dc=toutou,dc=org >> *** ou=utilisateurs, ou=toutou, dc=ird,dc=org >> *** ou=groupes, ou=toutou,dc=ird,dc=org >> >> One can see some OU names are different, such as DIT root. >> >> So we cretaed a sync agrement as >> ou=people,dc=orleans,dc=toutou,dc=fr --- ou=utilisateurs, ou=toutou, >> dc=ird,dc=org >> >> All seems to be ok. >> >> However, we need to sync other subtrees, like >> ou=people,dc=bondy,dc=toutou,dc=fr >> It seems 389DS wants to syncronize high level entries which are not >> specified in the agrement. As it tries to do it for each sub agrement, >> failure occurs with a duplicate value error. >> >> How can we do ? >> > > Replication is set for an entire database. > So I guess you'd need to host a sub-ou on a different database to > enable a Windows sync on this particular sub-ou. > > http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication.html#Replication_Overview-Unit_of_Replication > > Regards, > Ok i wil try this. However, what are those specific entries that DS tries to synchronize ? Why does it not uses only the defined subtrees ? Does it mean that in case of a DIT wich contains several OU with Users and Groups, we have to split in "small" DB for Winsync ? > J. > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- ========================================== Emmanuel BILLOT IRD - Orl?ans D?l?gation aux Syst?mes d'Information (DSI) t?l : 02 38 49 95 88 ==========================================
