Linux Admin wrote:
Make sure the user you are using as your supplier DN on server 1 exists on server 1 (and likewise for server 2). Try using ldapsearch from the command line - bind with your supplier DN and password - to see if you can use those credentials to search the suffix on both servers.Richard,I have tried disabling the pass-through on server 2 and unfortunately I still can not replicate from 2 to 1. Replications from 1 to 2 works fine. I had to manually create NetscapeRoot on 2 initially, could be it that is created with different set of attributes then on 1.The error is 3. Permission denied.
What else could it be. Thanks for all your help.On 4/28/06, *Linux Admin* <sysadmin.linux@xxxxxxxxx <mailto:sysadmin.linux@xxxxxxxxx>> wrote:Richard, Thanks, let me try. I am surprised there is no documentation at all on NetScape root replication. You help is very much appricated On 4/28/06, * Richard Megginson* <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>> wrote: Linux Admin wrote: > Richard, > Thanks, this is very good. > I do not want to really disable it right now, I think you may need to disable it on the replica in order to make replication work. > I just want to have 2 way replication between Server 1 and Server 2, > and used authenticate against server1. I would then setup in pluging > authentication against both 1 and 2. Is this right way? > Thank your very much for your time and advice. > > > On 4/28/06, *Richard Megginson* < rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx> > <mailto: rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>>> wrote: > > Linux Admin wrote: > > Folks, > > Is it possible to set up multi-master replication of NetscapeRoot > > configuration directory. > > I have tried and I can successfully initialize subscribers from the > > current configuration directory server. > > However initialization of replication in opposite direction fails. > > > > Server 1 current conf dir -> Server 2: rplication sucsfull > > o=NetscapeRoot is populated > > Server 1 current conf dir <- Server 2: rplication failes with error: > > Permission denied. Error code 3 > Part of the problem is that, when you set up a second instance, the > installer automatically enables pass through authentication for the > console admin user, which allows that user to login as > uid=admin,.....,o=NetscapeRoot on machines which do not have > o=NetscapeRoot. So the first thing you need to do is to disable the > pass through auth plugin (console -> directory console -> > Configuration > -> Plug-ins -> Pass Through -> uncheck the Enable box - then > restart the > server. > > > > on Server 2 I had to manully create NetscapeRoot database. > > What am I missing?. Is it "idiot prrof" feature? > > > > Thanks in advance for any help > > SysLin > > > >> ------------------------------------------------------------------------> > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto: Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users <https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto: Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> https://www.redhat.com/mailman/listinfo/fedora-directory-users ------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
