[Fedora-directory-users] Re: SYNC without password ...
Rich Megginson
rmeggins at redhat.com
Fri Oct 17 22:42:41 UTC 2008
Vipul Ramani wrote:
> Hey Rich ,
>
>
> Do really need *Password policy @ Active directory and Password policy
> @ FDS needs to be same .... is that i am missing ...
> *
If you don't manually make them the same, then you run the risk that a
password accepted on AD will be rejected on FDS, or vice versa.
>
>
>
>
>
> On Thu, Oct 16, 2008 at 2:44 PM, Vipul Ramani <vipulramani at gmail.com
> <mailto:vipulramani at gmail.com>> wrote:
>
> I enabled logleve 8192 in error log of FDS
>
> linux2.test2.com <http://linux2.test2.com> is FDS and LABDC01 is ADC
>
> I created sync aggrement between LDAP:636 and ADC:636 , but in
> logs it shows still *ldap://linux2.test2.com:389
> <http://linux2.test2.com:389> ---
>
> ---- error of FDS ----
> *
>
> 16/Oct/2008:07:33:15 -0700] - acquire_replica, supplier RUV is newer
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): Cancelling linger on the connection
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> windows_acquire_replica returned success (101)
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): State: ready_to_acquire_replica ->
> sending_updates[16/Oct/2008:07:33:15 -0700] - csngen_adjust_time:
> gen state before 48f750ab0003:1224167595:0:0
> [16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay
> (agmt="cn=Vedant" (LABDC01:636)): Consumer RUV:
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): {replicageneration}
> 48f373b90000014d0000[16/Oct/2008:07:33:15 -0700]
> NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replica
> 333 ldap://linux2.test2.com:389 <http://linux2.test2.com:389>}
> 48f3772f0000014d0000 48f74f7b0013014d0000 48f74f7b
> [16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay
> (agmt="cn=Vedant" *(LABDC01:636)*): Supplier
> RUV:[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): {replicageneration}
> 48f373b90000014d0000
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): {replica 333
> *ldap://linux2.test2.com:389 <http://linux2.test2.com:389>*}
> 48f3772f0000014d0000 48f750ab0001014d0000 48f750ab
> [16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) -
> session start: anchorcsn=48f74f7b0013014d0000
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - changelog
> program - agmt="cn=Vedant" (LABDC01:636): CSN 48f74f7b0013014d0000
> found
> , position set for replay
> [16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) -
> load=1 rec=1 csn=48f750ab0001014d0000[16/Oct/2008:07:33:15 -0700]
> NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636):
> windows_replay_update: Looking at modify operation
> local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com"
> (ours,user,not group) [16/Oct/2008:07:33:15 -0700]
> NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636):
> map_entry_dn_outbound: looking for AD entry for DS
> dn="uid=vramani,ou=People, dc=tf-lab,dc=test2,dc=com"
> guid="f96921fe188c4b47a243ab088512103d"
> [16/Oct/2008:07:33:15 -0700] - Calling windows entry search
> request plugin[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): Linger timeout has expired on the
> connection
> [16/Oct/2008:07:33:15 -0700] - windows_search_entry: recieved 2
> messages, 1 entries, 0 references
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): map_entry_dn_outbound: return code
> 0 from search f
> or AD entry dn="<GUID=f96921fe188c4b47a243ab088512103d>" or
> dn="CN=vipul r,CN=Users,DC=tf-lab,DC=test2,DC=com"
> [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): windows_replay_update: Processing
> modify operation
> local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com" remote
> dn="<GUID=f96921fe188c4b47a243ab088512103d>"
> [16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) -
> clcache_load_buffer: rc=-30989
>
>
> -----
>
> i see this *" Linger time out has expired the connection " *
>
> 16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): Beginning linger on the connection
> [16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): State: sending_updates ->
> wait_for_changes
> [16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): *Linger timeout has expired on the
> connection*
> [16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin -
> agmt="cn=Vedant" (LABDC01:636): Disconnected from the consumer
>
>
> Any any clue
>
>
>
> On Wed, Oct 15, 2008 at 2:15 PM, Vipul Ramani
> <vipulramani at gmail.com <mailto:vipulramani at gmail.com>> wrote:
>
>
>
> Hi Rich ,
>
> But i can login and changed the password of ADC users. :(
>
> is there any other way to debug in to the deep ??? Kindly
> suggest i am ready ....
>
>
> I'm not sure, but I think this means that there were no
> passwords to sync from AD to Fedora DS. It keeps a queue of
> passwords to send in a file (encrypted).
>
>
>
>
>
>
>
> Regards
> Vipul Ramani
>
>
>
>
> --
> Regards
>
> Vipul Ramani
>
>
>
>
> --
> Regards
>
> Vipul Ramani
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20081017/791b5c8f/attachment.bin>
More information about the Fedora-directory-users
mailing list