Kyle Tucker wrote:
The consumer should have the cn=Repl Manager user with userPassword as an SSHA hash (or some other secure hash), not cleartext. The supplier should store the repl manager credentials with the {DES} reversible password encryption type so that it can send the clear text password to the consumer in the BIND request (as is done in the normal LDAP simple BIND request). You can always test this by using the ldapsearch command line tool to attempt to bind using -D "cn=replication manager,cn=config" and the password to the consumer to test the bind and credentials.I stopped the service, edited the password in clear in userPassword field, reinput the password on the master and same errors. The error from the initialize consumer action is:For grins, I stopped the master as well, edited its dse.ldif and changed it to clear (it was in DES method) and voila - it all took off and synched up. I checked my working test master and consumer and they were in DES and SSHA respectively, again always working from the onset. I'll leave it to the developers to take anything from this. Thanks for the pointer to dse.ldif.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
