<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2873" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2><SPAN class=069001918-07062007>I started with two
Redhat EL3U5 servers, setting up the newest available directory server
(fedora-ds rpm) on each server with an identical configuration. I set up
Single Master replication according to this guide: <A
href="http://www.redhat.com/docs/manuals/dir-server/ag/7.1/replicat.html#1108849">http://www.redhat.com/docs/manuals/dir-server/ag/7.1/replicat.html#1108849</A>.
That is, I created a 'cn=replication manager,cn=config' by pasting the example
entry from the guide in the config/dse.ldif on the slave (consumer)
server. I verified this account works by using LDAP Browser/Editor, I can
log in and view my LDAP directory 'dc=foo,dc=net'. I cannot, however, add
or delete any foo.net entries when logged in as the replication manager.
When I configured a replication agreement on the master/supplier and restarted
both servers, it errors out with:</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007>NSMMReplicationPlugin - agmt="cn=myagreement"
(192:1389): Unable to acquire replica: permission denied. The bind dn
"cn=replication manager,cn=config" does not have permission to supply
replication updates to the replica. Will retry later.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=069001918-07062007>I had specified the
ip address of the slave/consumer server when setting up the replication
agreement, but because it refers to it as '192:1389' in the logs I thought maybe
it was looking for a hostname. Getting past the fact that it will not
allow underscores in the consumer name (I assume this is a bug), I added an
/etc/hosts entry for the consumer on the master and recreated the replication
agreement and restarted both servers. I still have the same
problem:</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007>NSMMReplicationPlugin - agmt="cn=myagreement"
(testappserver2:1389): Unable to acquire replica: permission denied. The bind dn
"cn=replication manager,cn=config" does not have permission to supply
replication updates to the replica. Will retry later.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=069001918-07062007>On the
slave/consumer, I get:</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007>NSMMReplicationPlugin - conn=9 op=3
replica="dc=foo,dc=net": Unable to acquire replica: error: permission
denied</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=069001918-07062007></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=069001918-07062007>Any idea why this is
happening? Shouldn't the replication manager have read/write permissions
to the userRoot by default since it inherits all the administrator
roles?</SPAN></FONT></DIV></BODY></HTML>