Richard,<br>Thanks, let me try. I am surprised there is no documentation at all on NetScape root replication.<br>You help is very much appricated<br><br><br><br><div><span class="gmail_quote">On 4/28/06, <b class="gmail_sendername">
Richard Megginson</b> <<a href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Linux Admin wrote:<br>> Richard,<br>> Thanks, this is very good.<br>> I do not want to really disable it right now,<br>I think you may need to disable it on the replica in order to make<br>replication work.<br>> I just want to have 2 way replication between Server 1 and Server 2,
<br>> and used authenticate against server1. I would then setup in pluging<br>> authentication against both 1 and 2. Is this right way?<br>> Thank your very much for your time and advice.<br>><br>><br>> On 4/28/06, *Richard Megginson* <
<a href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a><br>> <mailto:<a href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>>> wrote:<br>><br>> Linux Admin wrote:<br>> > Folks,<br>
> > Is it possible to set up multi-master replication of NetscapeRoot<br>> > configuration directory.<br>> > I have tried and I can successfully initialize subscribers from the<br>> > current configuration directory server.
<br>> > However initialization of replication in opposite direction fails.<br>> ><br>> > Server 1 current conf dir -> Server 2: rplication sucsfull<br>> > o=NetscapeRoot is populated
<br>> > Server 1 current conf dir <- Server 2: rplication failes with error:<br>> > Permission denied. Error code 3<br>> Part of the problem is that, when you set up a second instance, the<br>
> installer automatically enables pass through authentication for the<br>> console admin user, which allows that user to login as<br>> uid=admin,.....,o=NetscapeRoot on machines which do not have<br>> o=NetscapeRoot. So the first thing you need to do is to disable the
<br>> pass through auth plugin (console -> directory console -><br>> Configuration<br>> -> Plug-ins -> Pass Through -> uncheck the Enable box - then<br>> restart the<br>> server.
<br>> ><br>> > on Server 2 I had to manully create NetscapeRoot database.<br>> > What am I missing?. Is it "idiot prrof" feature?<br>> ><br>> > Thanks in advance for any help
<br>> > SysLin<br>> ><br>> ><br>> ------------------------------------------------------------------------<br>> ><br>> > --<br>> > Fedora-directory-users mailing list
<br>> > <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>> <mailto:<a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>>
<br>> > <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>> ><br>><br>><br>> --<br>> Fedora-directory-users mailing list
<br>> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>> <mailto:<a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>><br>><br>><br>><br>> ------------------------------------------------------------------------
<br>><br>> --<br>> Fedora-directory-users mailing list<br>> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">
https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>><br><br><br>--<br>Fedora-directory-users mailing list<br><a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br><br><br><br></blockquote></div><br>