Timothy Hunt wrote:
> On Oct 25, 2007, at 12:50 PM, Richard Megginson wrote:
>> Timothy Hunt wrote:
>>> I've taken over control of an FDS and an AD server which had been set up before I got to it. I'm still fairly new to LDAP and related things. I come from a unix background rather than windows.
>>>
>>> At some point, users put into FDS were replicated on the AD server correctly. Subsequently, the flat "structure" of the users in FDS was improved to be more hierarchical. However, new users added into FDS are not being added into AD. I'm also not familiar enough with AD to know where to see the OU structure that is present in FDS in AD. I'm not even sure if AD would have that structure. I'm at a bit of a loss as to how to start diagnosing where the problem is, let alone fixing it.
>>>
>>> I've looked at http://directory.fedoraproject.org/wiki/Howto:WindowsSync but as that is focussed on setting it up initially, I'm not sure how much of it applies.
>>
>> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/sync.html#2836267
>
> Thanks, Richard,
>
> As our AD server isn't yet being used, I decided to break the existing sync agreement, wipe the users on the AD server, and start a new sync agreement.
>
> I've got "replication" logging set and I'm getting this in the FDS log files
>
> [26/Oct/2007:14:15:38 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 191 seconds
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): State: backoff -> backoff
> [26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV:
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: {replicageneration} 4693ce97000000010000
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - supplier: {replica 1 ldap://ds1.intraisp.com:389} 469ee73e000000010000 47223b23000000010000 47223b23
> [26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV:
> [26/Oct/2007:14:18:50 -0500] - acquire_replica, consumer RUV = null
> [26/Oct/2007:14:18:50 -0500] - acquire_replica, supplier RUV is newer
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Trying secure slapi_ldap_init
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): binddn = CN=Administrator,CN=Users,DC=directory,DC=intraisp,DC=com, passwd = {DES}cwngvvY1zCw=
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Disconnected from the consumer
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Beginning linger on the connection
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): No linger on the closed conn
> [26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 299 seconds
>
> the "summary" tab of the AD sync agreement on FDS says
>
> Last update message: - LDAP error: Can't contact LDAP server: Error Code: 81
>
> But I can connect to port 636 on the AD server from the RDS box without a problem.

Can you connect to port 389 on the AD server? Is it possible you have configured it to use port 636 but not to use SSL (or vice versa)?

> Any suggestions?
>
> Timothy
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
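
For triaging a log like the one quoted in this thread, the following added example (not part of the original messages and not Fedora Directory Server code) masks the `passwd =` value that replication-level logging writes out and counts secure connection attempts that end in a disconnect. The sample lines are constructed in the thread's log format with placeholder credentials, and reading "secure init followed by disconnect" as a connection-level failure is a heuristic assumed by this example.

```python
import re

# Constructed sample in the format of the log quoted in the thread; the
# bind DN and credential are placeholders, not values from the post.
SAMPLE_LOG = '''\
[26/Oct/2007:14:15:38 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 191 seconds
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): State: backoff -> backoff
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Trying secure slapi_ldap_init
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): binddn = CN=SyncUser,CN=Users,DC=example,DC=com, passwd = {DES}PLACEHOLDER=
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Disconnected from the consumer
[26/Oct/2007:14:18:50 -0500] NSMMReplicationPlugin - agmt="cn=fs2" (fs2:636): Replication session backing off for 299 seconds
'''

LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\] NSMMReplicationPlugin - agmt="(?P<agmt>[^"]+)" '
                     r'\((?P<host>[^:()]+):(?P<port>\d+)\): (?P<msg>.*)$')
PASSWD_RE = re.compile(r'(passwd = )\S+')
BACKOFF_RE = re.compile(r'Replication session backing off for (\d+) seconds')


def redact(text):
    """Mask the agreement's stored bind credential before the log is shared."""
    return PASSWD_RE.sub(r'\1[REDACTED]', text)


def summarize(log_text):
    """Per agreement: secure connects dropped before any bind result, plus backoff times."""
    stats, pending = {}, set()
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not an agreement line (e.g. the RUV dump)
        key = (m['agmt'], m['host'], int(m['port']))
        s = stats.setdefault(key, {'secure_attempts': 0, 'dropped': 0, 'backoffs': []})
        msg, backoff = m['msg'], BACKOFF_RE.match(m['msg'])
        if msg.startswith('Trying secure slapi_ldap_init'):
            s['secure_attempts'] += 1
            pending.add(key)
        elif msg.startswith('Disconnected from the consumer') and key in pending:
            pending.discard(key)
            s['dropped'] += 1  # heuristic: session ended with no bind outcome logged
        elif backoff:
            s['backoffs'].append(int(backoff.group(1)))
    return stats


if __name__ == '__main__':
    print(redact(SAMPLE_LOG))
    for key, s in summarize(SAMPLE_LOG).items():
        print(key, s)
```

When every secure attempt on an agreement is counted as dropped, the port and SSL setting of that agreement are the first things to compare against what the consumer actually serves on that port.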