[Fedora-directory-users] Questions about setting up replication by modifying ldap directly.

Rich Megginson rmeggins at redhat.com
Tue Dec 11 23:42:14 UTC 2007


Ryan Braun wrote:
> <snip>
>   
>
> Well I used my script to setup a MMR agreement between 2 servers.  Then a consumer read only agreement on those 2 servers to a third server.  Replication is working over all the servers.  With one really odd quirk.  When I open up the console,  goto the configuration tab -> Replication -> userRoot.  Then I click on one of the rep agreements I get an insufficient permissions error (I'm logging in as cn=Directory Manager).
>
> I click ok,  get prompted for a username and password (cn=Directory Manager is already in the username box).  I just click cancel and it lets me continue to view/edit/delete the rep agreement.
>   
Try startconsole -D -f console.log - see if the log has any more 
information.
> I restarted the server, same issue.
>
> There aren't any err= messages in the access log and the error log doesn't have any info about the message either.
>
> Here is the rep agreement straight from the dse.ldif file
>
> dn: cn=Replication to xxxldap1.xxx.ec.gc.ca,cn=replica,cn="dc=,dc=ec,dc=gc,
>  dc=ca",cn=mapping tree,cn=config
> objectClass: top
> objectClass: nsDS5ReplicationAgreement
> cn: Replication to xxxldap1.isb.ec.gc.ca
> nsDS5ReplicaHost: xxxldap1.xxx.ec.gc.ca
> nsDS5ReplicaRoot: dc=xxx,dc=ec,dc=gc,dc=ca
> nsDS5ReplicaPort: 389
> nsDS5ReplicaBindDN: uid=RManager,cn=config
> nsDS5ReplicaBindMethod: simple
> nsDS5ReplicaUpdateSchedule: 0000-2359 0123456
> nsds5replicaTimeout: 120
> nsDS5ReplicaCredentials: {DES}S7ig2LTq5lWO65tutWo4JQ==
> creatorsName: cn=directory manager
> modifiersName: cn=Multimaster Replication Plugin,cn=plugins,cn=config
> createTimestamp: 20071211223651Z
> modifyTimestamp: 20071211230605Z
> nsds50ruv: {replicageneration} 475f0e11000000030000
> nsds50ruv: {replica 1 ldap://xxxldap1.xxx.ec.gc.ca:389} 475f11c3000000010000 4
>  75f11c3000000010000
> nsds50ruv: {replica 3 ldap://infinity.xxx.ec.gc.ca:389} 475f11a6000000030000 4
>  75f151a000000030000
> nsruvReplicaLastModified: {replica 1 ldap://xxxldap1.xxx.ec.gc.ca:389} 0000000
>  0
> nsruvReplicaLastModified: {replica 3 ldap://infinity.xxx.ec.gc.ca:389} 0000000
>  0
>
> Ryan Braun
> Informatics Operations
> Aviation and Defence Services Division
> Chief Information Officer Branch, Environment Canada
> CIV: (204) 833-2500x2824 CSN: 257-2824  FAX: (204) 833-2524
> E-Mail: Ryan.Braun at ec.gc.ca
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20071211/0732bb35/attachment.bin>


More information about the Fedora-directory-users mailing list