On 3/24/22 10:34 AM, Lewis Robson wrote:
Thanks Mark, please see responses below
Couple things here, are the RHEL 7 servers set up as replication
consumers? that is correct, in the 389 console under configuration >
replication > userRoot, dedicated consumer
Yes you need the replication manager setup, but the suffix needs to
be enabled for replication as well. Can you do a ldapsearch on
cn=config searching for "objectclass=nsds5replica" and share the output?
heres the output of the below command, is this what you mean?
ldapsearch -x -b "dc=test,dc=co,dc=uk" -H ldaps://myserver -D
"cn=replication manager,cn=config" -W "objectclass=nsds5replica"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=test,dc=co,dc=uk> with scope subtree
# filter: objectclass=nsds5replica
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
You need to search under "cn=conifg" for objectclass=nsds5replica. not
the database suffix, and you should do so as the directory manager account:
ldapsearch =D "cn=directory manger" -W -b cn=config objectclass=nsds5replica
Can you also provide provide the other information I requested from the
RHEL 8 server?
# dsconf slapd-YOUR_INSTANCE replication get --suffix dc=test,dc=co,dc=uk
# dsconf slapd-YOUR_INSTANCE repl-agmt list --suffix dc=test,dc=co,dc=uk
sidenote, If i run the below without any filtering applied by me
ldapsearch -x -b "dc=test,dc=co,dc=uk,cn=config" -H ldaps://myserver
-D "cn=replication manager,cn=config" -W
Enter LDAP Password:
Is "dc=test,dc=co,dc=uk,cn=config" really an entry under cn=config.
This looks wrong.
Mark
i get:
# extended LDIF
#
# LDAPv3
# base <dc=test,dc=co,dc=uk,cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
My other concern is about the error message above, is that from a RHEL
8 replica?
this is from the var/log/dirsrv/slapd-host/* logs
If so, this indicates replication is not setup properly on that
suffix, but you say all the rhel 8 replicas are working.
we only have the 1 master node on 8, apologies for any confusion.
Thanks
-Lewis
Does anyone know anything that I could check for the error to get
around this?
Thankyou kindly.
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
Directory Server Development Team
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
