2009/10/8 Emmanuel BILLOT <emmanuel.billot@xxxxxx>: > Hi, > > We use 389DS and AD with a Winsync method. > Our LDAP DIT : > * dc=toutou,dc=fr > ** dc=orleans,dc=toutou,dc=fr > *** ou=people,dc=orleans,dc=toutou,dc=fr > *** ou=group,dc=orleans,dc=toutou,dc=fr > ** dc=bondy,dc=toutou,dc=fr > *** ou=people,dc=bondy,dc=toutou,dc=fr > *** ou=group,dc=bondy,dc=toutou,dc=fr > > Our AD DIT : > * dc=toutou,dc=org > ** ou=orleans,dc=toutou,dc=org > *** ou=utilisateurs, ou=toutou, dc=ird,dc=org > *** ou=groupes, ou=toutou,dc=ird,dc=org > > One can see some OU names are different, such as DIT root. > > So we cretaed a sync agrement as > ou=people,dc=orleans,dc=toutou,dc=fr --- ou=utilisateurs, ou=toutou, > dc=ird,dc=org > > All seems to be ok. > > However, we need to sync other subtrees, like > ou=people,dc=bondy,dc=toutou,dc=fr > It seems 389DS wants to syncronize high level entries which are not > specified in the agrement. As it tries to do it for each sub agrement, > failure occurs with a duplicate value error. > > How can we do ? Replication is set for an entire database. So I guess you'd need to host a sub-ou on a different database to enable a Windows sync on this particular sub-ou. http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication.html#Replication_Overview-Unit_of_Replication Regards, J. -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
