Linux Admin wrote:
That's necessary, but perhaps not sufficient. Now, try ldapsearch to bind and search each directory server using the cn=replication manager,cn=config user. Then, verify that in your Replica configuration you have specified cn=replication manager,cn=config as the supplier DN.both servers has this enty in dse.ldif under /opt/fedora-ds/<server-name>/config dn: cn=replication manager,cn=config objectClass: inetorgperson objectClass: person objectClass: top objectClass: organizationalPerson cn: replication manager sn: RM userPassword: passwordExpirationTime: 20380119031407Z Is this sufficent?
On 5/1/06, *Richard Megginson* <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>> wrote:Linux Admin wrote: > Richard, > I have tried disabling the pass-through on server 2 and unfortunately > I still can not replicate from 2 to 1. > Replications from 1 to 2 works fine. I had to manually create > NetscapeRoot on 2 initially, could be it that is created with > different set of attributes then on 1. > The error is 3. Permission denied. Make sure the user you are using as your supplier DN on server 1 exists on server 1 (and likewise for server 2). Try using ldapsearch from the command line - bind with your supplier DN and password - to see if you can use those credentials to search the suffix on both servers. > What else could it be. > Thanks for all your help. > > > > On 4/28/06, *Linux Admin* <sysadmin.linux@xxxxxxxxx <mailto:sysadmin.linux@xxxxxxxxx> > <mailto: sysadmin.linux@xxxxxxxxx <mailto:sysadmin.linux@xxxxxxxxx>>> wrote: > > Richard, > Thanks, let me try. I am surprised there is no documentation at > all on NetScape root replication. > You help is very much appricated > > > > > On 4/28/06, * Richard Megginson* <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx> > <mailto:rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>>> wrote: > > Linux Admin wrote: > > Richard, > > Thanks, this is very good. > > I do not want to really disable it right now, > I think you may need to disable it on the replica in order to make > replication work. > > I just want to have 2 way replication between Server 1 and > Server 2, > > and used authenticate against server1. I would then setup in > pluging > > authentication against both 1 and 2. Is this right way? > > Thank your very much for your time and advice. > > > > > > On 4/28/06, *Richard Megginson* < rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx> > <mailto:rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>> > > <mailto: rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx> <mailto:rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>>>> > wrote: > > > > Linux Admin wrote: > > > Folks, > > > Is it possible to set up multi-master replication of > NetscapeRoot > > > configuration directory. > > > I have tried and I can successfully initialize > subscribers from the > > > current configuration directory server. > > > However initialization of replication in opposite > direction fails. > > > > > > Server 1 current conf dir -> Server 2: rplication sucsfull > > > o=NetscapeRoot is populated > > > Server 1 current conf dir <- Server 2: rplication > failes with error: > > > Permission denied. Error code 3 > > Part of the problem is that, when you set up a second > instance, the > > installer automatically enables pass through > authentication for the > > console admin user, which allows that user to login as > > uid=admin,.....,o=NetscapeRoot on machines which do not have > > o=NetscapeRoot. So the first thing you need to do is to > disable the > > pass through auth plugin (console -> directory console -> > > Configuration > > -> Plug-ins -> Pass Through -> uncheck the Enable box - then > > restart the > > server. > > > > > > on Server 2 I had to manully create NetscapeRoot database. > > > What am I missing?. Is it "idiot prrof" feature? > > > > > > Thanks in advance for any help > > > SysLin > > > > > > > >> ------------------------------------------------------------------------> > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto:Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>> > > <mailto: Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto:Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>>> > > >> https://www.redhat.com/mailman/listinfo/fedora-directory-users> < https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto:Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>> > > <mailto: Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto:Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>>> > >> https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > > > > > > ------------------------------------------------------------------------ > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto:Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > <mailto: Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
