Richard,<br>
I have tried disabling the pass-through on server 2 and unfortunately I still can not replicate from 2 to 1.<br>
Replications from 1 to 2 works fine. I had to manually create
NetscapeRoot on 2 initially, could be it that is created with different
set of attributes then on 1.<br>
The error is 3. Permission denied.<br>
What else could it be.<br>
Thanks for all your help.<br>
<br>
<br><br><div><span class="gmail_quote">On 4/28/06, <b class="gmail_sendername">Linux Admin</b> <<a href="mailto:sysadmin.linux@gmail.com">sysadmin.linux@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div style="direction: ltr;">Richard,<br>Thanks, let me try. I am surprised there is no documentation at all on NetScape root replication.<br>You help is very much appricated</div><div style="direction: ltr;"><span class="e" id="q_10ae12239dd053a2_1">
<br><br><br><br><div><span class="gmail_quote">On 4/28/06, <b class="gmail_sendername">
Richard Megginson</b> <<a href="mailto:rmeggins@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">rmeggins@redhat.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Linux Admin wrote:<br>> Richard,<br>> Thanks, this is very good.<br>> I do not want to really disable it right now,<br>I think you may need to disable it on the replica in order to make<br>replication work.<br>> I just want to have 2 way replication between Server 1 and Server 2,
<br>> and used authenticate against server1. I would then setup in pluging<br>> authentication against both 1 and 2. Is this right way?<br>> Thank your very much for your time and advice.<br>><br>><br>> On 4/28/06, *Richard Megginson* <
<a href="mailto:rmeggins@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">rmeggins@redhat.com</a><br>> <mailto:<a href="mailto:rmeggins@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
rmeggins@redhat.com</a>>> wrote:<br>><br>> Linux Admin wrote:<br>> > Folks,<br>
> > Is it possible to set up multi-master replication of NetscapeRoot<br>> > configuration directory.<br>> > I have tried and I can successfully initialize subscribers from the<br>> > current configuration directory server.
<br>> > However initialization of replication in opposite direction fails.<br>> ><br>> > Server 1 current conf dir -> Server 2: rplication sucsfull<br>> > o=NetscapeRoot is populated
<br>> > Server 1 current conf dir <- Server 2: rplication failes with error:<br>> > Permission denied. Error code 3<br>> Part of the problem is that, when you set up a second instance, the<br>
> installer automatically enables pass through authentication for the<br>> console admin user, which allows that user to login as<br>> uid=admin,.....,o=NetscapeRoot on machines which do not have<br>
> o=NetscapeRoot. So the first thing you need to do is to disable the
<br>> pass through auth plugin (console -> directory console -><br>> Configuration<br>> -> Plug-ins -> Pass Through -> uncheck the Enable box - then<br>> restart the<br>> server.
<br>> ><br>> > on Server 2 I had to manully create NetscapeRoot database.<br>> > What am I missing?. Is it "idiot prrof" feature?<br>> ><br>> > Thanks in advance for any help
<br>> > SysLin<br>> ><br>> ><br>> ------------------------------------------------------------------------<br>> ><br>> > --<br>> > Fedora-directory-users mailing list
<br>> > <a href="mailto:Fedora-directory-users@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">Fedora-directory-users@redhat.com</a><br>> <mailto:<a href="mailto:Fedora-directory-users@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
Fedora-directory-users@redhat.com</a>>
<br>> > <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">https://www.redhat.com/mailman/listinfo/fedora-directory-users
</a><br>> ><br>><br>><br>> --<br>> Fedora-directory-users mailing list
<br>> <a href="mailto:Fedora-directory-users@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">Fedora-directory-users@redhat.com</a><br>> <mailto:<a href="mailto:Fedora-directory-users@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
Fedora-directory-users@redhat.com</a>><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
><br>><br>><br>><br>> ------------------------------------------------------------------------
<br>><br>> --<br>> Fedora-directory-users mailing list<br>> <a href="mailto:Fedora-directory-users@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">Fedora-directory-users@redhat.com
</a><br>> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>><br><br><br>--<br>Fedora-directory-users mailing list<br><a href="mailto:Fedora-directory-users@redhat.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
Fedora-directory-users@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br><br><br>
<br></blockquote></div><br>
</span></div></blockquote></div><br>