[Fedora-directory-users] Re: SYNC without password ...
Rich Megginson
rmeggins at redhat.com
Wed Oct 15 21:05:07 UTC 2008
Vipul Ramani wrote:
> Any luck ??? any 1 one who had pass through same problem ...
>
> Clueless no errors ( FDS , ADC ) only PassSync Error ..which is
> mentioned below ...
>
>
>
> On Tue, Oct 14, 2008 at 5:26 PM, Vipul Ramani <vipulramani at gmail.com
> <mailto:vipulramani at gmail.com>> wrote:
>
>
> I feel i am so close to solve this problem ..since long time .. if
> any 1 have clue where what i forgot ...
>
>
> I changed password of cn=replication,cn=config
>
> and now only i am getting error
> ----passsync log ----
>
> 10/14/08 17:24:19: Failed to load entries from file ##### I
> dont know Failed to load entires from FILE *( PassSync talking
> about which file ) *#####
> 10/14/08 17:26:41: Failed to load entries from file
> 10/14/08 17:26:41: PassSync service stopped
> 10/14/08 17:26:42: PassSync service started
> 10/14/08 17:26:42: Failed to load entries from file
>
I'm not sure, but I think this means that there were no passwords to
sync from AD to Fedora DS. It keeps a queue of passwords to send in a
file (encrypted).
>
>
> ----------------
> /var/log/dir-serv/slapd-linux2/access
>
>
> [14/Oct/2008:10:21:20 -0700] conn=38 fd=69 slot=69 SSL connection
> from 192.168.1.200 <http://192.168.1.200> to 192.168.1.210
> <http://192.168.1.210>
> [14/Oct/2008:10:21:20 -0700] conn=38 SSL 128-bit RC4
> [14/Oct/2008:10:21:20 -0700] conn=38 op=0 BIND
> dn="cn=replication,cn=config" method=128 version=2
> [14/Oct/2008:10:21:20 -0700] conn=38 op=0 RESULT err=0 tag=97
> nentries=0 etime=0 dn="cn=replication,cn=config"
> [14/Oct/2008:10:21:20 -0700] conn=38 op=1 UNBIND
> [14/Oct/2008:10:21:20 -0700] conn=38 op=1 fd=69 closed - U1
> [14/Oct/2008:10:21:21 -0700] conn=39 fd=69 slot=69 SSL connection
> from 192.168.1.200 <http://192.168.1.200> to 192.168.1.210
> <http://192.168.1.210>
> [14/Oct/2008:10:21:21 -0700] conn=39 SSL 128-bit RC4
> [14/Oct/2008:10:21:21 -0700] conn=39 op=0 BIND
> dn="cn=replication,cn=config" method=128 version=2
> [14/Oct/2008:10:21:21 -0700] conn=39 op=0 RESULT err=0 tag=97
> nentries=0 etime=0 dn="cn=replication,cn=config"
> [14/Oct/2008:10:21:21 -0700] conn=39 op=1 UNBIND
> [14/Oct/2008:10:21:21 -0700] conn=39 op=1 fd=69 closed - U1
>
> /var/log/dir-serv/slapd-linux2/errors NO ERRORs ..
>
> On Tue, Oct 14, 2008 at 5:10 PM, Vipul Ramani
> <vipulramani at gmail.com <mailto:vipulramani at gmail.com>> wrote:
>
>
> --- passyc log ---
>
> 10/14/08 17:05:56: Failed to load entries from file
> 10/14/08 17:05:56: Ldap bind error in Connect
> 48: Inappropriate authentication
> 10/14/08 17:05:56: Can not connect to ldap server in SyncPasswords
> -----------------------------
>
> ADC ( where passysnc installed ) #
>
> On the Directory Server, export the server certificate using
> |pk12util|.
>
> FDS# pk12util -d . -o servercert.pfx -n Server-Cert
>
>
> then ,
>
> Import the server certificate from the Directory Server into
> the new certificate databases using p|k12util.exe|.
>
> pk12util.exe -d "C:\Program Files\Red Hat Directory Password Synchronization" -i servercert.pfx
>
>
> then
>
> Give trusted peer status to the server.
>
> certutil.exe -d "C:\Program Files\Red Hat Directory Password Synchronization" -M
> -n Server-Cert -t "P,P,P"
>
>
>
>
> C:\Program Files (x86)\Red Hat Directory Password
> Synchronization>certutil.exe -
> L -d . -P
> CA certificate c,c,c
> Server-Cert
> Pu,Pu,Pu <-- imported from FDS
>
> C:\Program Files (x86)\Red Hat Directory Password Synchronization>
> ---------------------------
>
> still same error . ...
>
>
>
>
>
> On Tue, Oct 14, 2008 at 3:42 PM, Vipul Ramani
> <vipulramani at gmail.com <mailto:vipulramani at gmail.com>> wrote:
>
> Hi All ,
>
> I am doing Active directory ----> FDS ( ssl) , all
> attribute is replicated from ADC ---> FDS .. But i am not
> able to see password attribute in FDS ?
>
> Replication
> FDS - working as master
> Passync for replication
>
> replication is happening from Active Directory:636 ---- >
> FDS : 636 .
>
>
> Am i am missing something ...
>
> ------Adc user profile , which is replicated in FDS -------
> dn: uid=vramani, ou=People, dc=tf-lab,dc=test,dc=com
> ntUniqueId: f96921fe188c4b47a243ab088512103d
> givenName: vipul
> sn: r
> objectClass: top
> objectClass: person
> objectClass: organizationalperson
> objectClass: inetOrgPerson
> objectClass: ntUser
> uid: vramani
> ntUserDeleteAccount: true
> cn: vipul r
> ntUserDomainId: vramani
> ntUserAcctExpires: 9223372036854775807
> ntUserCodePage: 0
> ------
> ----acess------
>
>
> [14/Oct/2008:08:37:16 -0700] conn=4 op=170 SRCH
> base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0
> filter="(objectClass=*)" attrs=ALL
> [14/Oct/2008:08:37:16 -0700] conn=4 op=170 RESULT err=0
> tag=101 nentries=1 etime=0
> [14/Oct/2008:08:37:17 -0700] conn=4 op=171 SRCH
> base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1
> filter="(objectClass=*)" attrs="objectClass"
> [14/Oct/2008:08:37:17 -0700] conn=4 op=171 RESULT err=0
> tag=101 nentries=0 etime=1
> [14/Oct/2008:08:37:19 -0700] conn=4 op=173 SRCH
> base="dc=tf-lab,dc=test,dc=com" scope=0
> filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:19
> -0700] conn=4 op=173 RESULT err=0 tag=101 nentries=1 etime=0
> [14/Oct/2008:08:37:19 -0700] conn=4 op=174 SRCH
> base="dc=tf-lab,dc=test,dc=com" scope=1
> filter="(objectClass=*)" attrs="objectClass"
> [14/Oct/2008:08:37:19 -0700] conn=4 op=174 RESULT err=0
> tag=101 nentries=1 etime=0
> [14/Oct/2008:08:37:20 -0700] conn=4 op=175 SRCH
> base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0
> filter="(objectClass=*)" attrs=ALL
> [14/Oct/2008:08:37:20 -0700] conn=4 op=175 RESULT err=0
> tag=101 nentries=1 etime=0[14/Oct/2008:08:37:26 -0700]
> conn=3 op=122 SRCH base="cn=replication,cn=config" scope=2
> filter="(objectClass=*)" attrs=ALL
> [14/Oct/2008:08:37:26 -0700] conn=3 op=122 RESULT err=0
> tag=101 nentries=1 etime=0
> [14/Oct/2008:08:37:27 -0700] conn=3 op=124 MOD
> dn="cn=Vedant, cn=replica,
> cn=\22dc=tf-lab,dc=test,dc=com\22, cn=mapping tree,
> cn=config" [14/Oct/2008:08:37:27 -0700] conn=3 op=124
> RESULT err=0 tag=103 nentries=0
> etime=0[14/Oct/2008:08:37:27 -0700] conn=3 op=125 SRCH
> base="cn=Vedant, cn=replica,
> cn=\22dc=tf-lab,dc=test,dc=com\22, cn=mapping tree,
> cn=config" scope=0
> filter="(|(objectClass=*)(objectClass=ldapsubentry))"
> attrs="nsds5replicaLastUpdateStart
> nsds5replicaLastUpdateEnd
> nsds5replicaChangesSentSinceStartup
> nsds5replicaLastUpdateStatus nsds5replicaUpdateInProgress
> nsds5replicaLastInitStart nsds5replicaLastInitEnd
> nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"
> [14/Oct/2008:08:37:27 -0700] conn=3 op=125 RESULT err=0
> tag=101 nentries=1 etime=0
> [14/Oct/2008:08:37:31 -0700] conn=3 op=126 SRCH
> base="cn=replication,cn=config" scope=2
> filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:31
> -0700] conn=3 op=126 RESULT err=0 tag=101 nentries=1 etime=0
> [14/Oct/2008:08:37:31 -0700] conn=3 op=127 MOD
> dn="cn=Vedant, cn=replica,
> cn=\22dc=tf-lab,dc=test,dc=com\22, cn=mapping tree, cn=config"
> [14/Oct/2008:08:37:31 -0700] conn=3 op=127 RESULT err=0
> tag=103 nentries=0 etime=0[14/Oct/2008:08:37:31 -0700]
> conn=3 op=128 MOD dn="cn=Vedant, cn=replica,
> cn=\22dc=tf-lab,dc=test,dc=com\22, cn=mapping tree, cn=config"
> [14/Oct/2008:08:37:31 -0700] conn=3 op=128 RESULT err=0
> tag=103 nentries=0 etime=0
> [14/Oct/2008:08:37:37 -0700] conn=4 op=176 SRCH
> base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1
> filter="(objectClass=*)" attrs="objectClass"
> [14/Oct/2008:08:37:37 -0700] conn=4 op=176 RESULT err=0
> tag=101 nentries=18 etime=0
> ------
>
>
> thanks in Adv...
>
>
>
>
>
> --
> Regards
>
> Vipul Ramani
>
>
>
>
> --
> Regards
>
> Vipul Ramani
>
>
>
>
> --
> Regards
>
> Vipul Ramani
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20081015/f63d28ac/attachment.bin>
More information about the Fedora-directory-users
mailing list