Jérôme Fenal a écrit :
2009/10/8 Emmanuel BILLOT <emmanuel.billot@xxxxxx>:Hi, We use 389DS and AD with a Winsync method. Our LDAP DIT : * dc=toutou,dc=fr ** dc=orleans,dc=toutou,dc=fr *** ou=people,dc=orleans,dc=toutou,dc=fr *** ou=group,dc=orleans,dc=toutou,dc=fr ** dc=bondy,dc=toutou,dc=fr *** ou=people,dc=bondy,dc=toutou,dc=fr *** ou=group,dc=bondy,dc=toutou,dc=fr Our AD DIT : * dc=toutou,dc=org ** ou=orleans,dc=toutou,dc=org *** ou=utilisateurs, ou=toutou, dc=ird,dc=org *** ou=groupes, ou=toutou,dc=ird,dc=org One can see some OU names are different, such as DIT root. So we cretaed a sync agrement as ou=people,dc=orleans,dc=toutou,dc=fr --- ou=utilisateurs, ou=toutou, dc=ird,dc=org All seems to be ok. However, we need to sync other subtrees, like ou=people,dc=bondy,dc=toutou,dc=fr It seems 389DS wants to syncronize high level entries which are not specified in the agrement. As it tries to do it for each sub agrement, failure occurs with a duplicate value error. How can we do ?Replication is set for an entire database. So I guess you'd need to host a sub-ou on a different database to enable a Windows sync on this particular sub-ou. http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication.html#Replication_Overview-Unit_of_Replication Regards,
Ok i wil try this.However, what are those specific entries that DS tries to synchronize ? Why does it not uses only the defined subtrees ? Does it mean that in case of a DIT wich contains several OU with Users and Groups, we have to split in "small" DB for Winsync ?
J. -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
-- ========================================== Emmanuel BILLOT IRD - Orléans Délégation aux Systèmes d'Information (DSI) tél : 02 38 49 95 88==========================================
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
