On 3/24/22 8:38 AM, Lewis Robson wrote:
Hello all,
i am working to do multi master with two different versions of OS
(alma 8 and centos 7), this means that the 389 on alma 8 is using
dsidm and cockpit and the 389 on centos 7 is using 389console with
ldap commands.
the alma 8 directory tree is how we want it to be, users inside, all
working as expected.
the 7 directory tree is the complete standard given when 389ds is setup.
on the 7 machine (slave) I have the bind dn information of
cn=replication manager,cn=config.
This has been set up on the 8 mschine via cockpit in the replication
agreement to connect with these credentials. an ldapsearch lets me
connect with them and purposely typing the username or password wrong
for the agreement gives a different error so im confident the account
is okay.
The error I see, when i try and initiliaze the agreement from the 8
cockpit view to the slave machine is:
ERR - NSMMReplicationPlugin -
multimaster_extop_StartNSDS50ReplicationRequest - conn=289 op=3
replica="unknown": Unable to acquire replica: error: no such replica
Couple things here, are the RHEL 7 servers set up as replication
consumers? Yes you need the replication manager setup, but the suffix
needs to be enabled for replication as well. Can you do a ldapsearch on
cn=config searching for "objectclass=nsds5replica" and share the output?
My other concern is about the error message above, is that from a RHEL 8
replica? If so, this indicates replication is not setup properly on
that suffix, but you say all the rhel 8 replicas are working. Are you
using multiple backends/suffixes or just one? If you are using multiple
backends then maybe you have a mismatch in your replication config?
Becuase that error about "unknown" replica means the "suffix" was not
configured for replication. Was this error from a RHEL 8 replica? If so
run these commands:
Change the suffix value to your suffix:
# dsconf slapd-YOUR_INSTANCE replication get --suffix dc=example,dc=com
# dsconf slapd-YOUR_INSTANCE repl-agmt list --suffix dc=example,dc=com
If nothing sticks out try turning on replication logging
(nsslapd-erorrlog-level: 8192) - you can do this from the Cockpit UI as
well.
Thanks,
Mark
Does anyone know anything that I could check for the error to get
around this?
Thankyou kindly.
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
Directory Server Development Team
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
