[389-users] Windows Sync with multiple sub DIT
Jérôme Fenal
jfenal at gmail.com
Thu Oct 8 18:37:04 UTC 2009
2009/10/8 Emmanuel BILLOT <emmanuel.billot at ird.fr>:
> Hi,
>
> We use 389DS and AD with a Winsync method.
> Our LDAP DIT :
> * dc=toutou,dc=fr
> ** dc=orleans,dc=toutou,dc=fr
> *** ou=people,dc=orleans,dc=toutou,dc=fr
> *** ou=group,dc=orleans,dc=toutou,dc=fr
> ** dc=bondy,dc=toutou,dc=fr
> *** ou=people,dc=bondy,dc=toutou,dc=fr
> *** ou=group,dc=bondy,dc=toutou,dc=fr
>
> Our AD DIT :
> * dc=toutou,dc=org
> ** ou=orleans,dc=toutou,dc=org
> *** ou=utilisateurs, ou=toutou, dc=ird,dc=org
> *** ou=groupes, ou=toutou,dc=ird,dc=org
>
> One can see some OU names are different, such as DIT root.
>
> So we cretaed a sync agrement as
> ou=people,dc=orleans,dc=toutou,dc=fr --- ou=utilisateurs, ou=toutou,
> dc=ird,dc=org
>
> All seems to be ok.
>
> However, we need to sync other subtrees, like
> ou=people,dc=bondy,dc=toutou,dc=fr
> It seems 389DS wants to syncronize high level entries which are not
> specified in the agrement. As it tries to do it for each sub agrement,
> failure occurs with a duplicate value error.
>
> How can we do ?
Replication is set for an entire database.
So I guess you'd need to host a sub-ou on a different database to
enable a Windows sync on this particular sub-ou.
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication.html#Replication_Overview-Unit_of_Replication
Regards,
J.
More information about the Fedora-directory-users
mailing list