Looks like this:
[root@x-web-389-01 ~]# ldapsearch -xLLL -D "cn=directory manager" -W -b
cn=config "cn=389 to analog"
Enter LDAP Password:
dn: cn=389 to analog,cn=replica,cn=dc\3DMYDOMAIN\2C dc\3Dcom,cn=mapping
tree,cn=config
objectClass: top
objectClass: nsDS5ReplicationAgreement
description: x-web-389-01 to x-analog-01
cn: 389 to analog
nsDS5ReplicaRoot: dc=MYDOMAIN,dc=com
nsDS5ReplicaHost: x-analog-01.MYDOMAIN.com
nsDS5ReplicaPort: 389
nsDS5ReplicaBindDN: cn=repman,cn=config
nsDS5ReplicaTransportInfo: LDAP
nsDS5ReplicaBindMethod: SIMPLE
nsDS5ReplicaCredentials: {DES}/DnkVyIX/let6epFs+gfjw==
nsds50ruv: {replicageneration} 4eb7e52b000000010000
nsds50ruv: {replica 2 ldap://x-analog-01.MYDOMAIN.com:389} 4ec1600f000000020000
4ec29e53000000020000
nsds50ruv: {replica 1 ldap://x-web-389-01.MYDOMAIN.com:389}
4ec116e4000000010000 4f329c1c000100010000
nsruvReplicaLastModified: {replica 2 ldap://x-analog-01.MYDOMAIN.com:389}
00000000
nsruvReplicaLastModified: {replica 1 ldap://x-web-389-01.MYDOMAIN.com:389}
00000000
nsds5replicareapactive: 0
nsds5replicaLastUpdateStart: 0
nsds5replicaLastUpdateEnd: 0
nsds5replicaChangesSentSinceStartup:
nsds5replicaLastUpdateStatus: 0 No replication sessions started since server
startup
nsds5replicaUpdateInProgress: FALSE
nsds5replicaLastInitStart: 0
nsds5replicaLastInitEnd: 0
From: Rich Megginson [mailto:[email protected]]
Sent: Tuesday, March 13, 2012 12:24 PM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform
On 03/13/2012 10:23 AM, [email protected]<mailto:[email protected]> wrote:
Sorry, forgot to send this to the list.
There appears to be something wrong with your replication agreement entry, but
I have no idea what. That information should be in the logs but it is not.
Can you post your replication agreement entry to the list?
ldapsearch -xLLL -D "cn=directory manager" -W -b cn=config "cn=389 to analog"
From: Michael James
Sent: Tuesday, March 13, 2012 12:13 PM
To: 'Rich Megginson'
Subject: RE: [389-users] LDAP server is unwilling to perform
That’s a big *IF* there… I did turn up the logging. Attached is the error log,
trimmed to around the time that I tried to create the new replication
agreement. Sorry about that.
From: Rich Megginson
[mailto:[email protected]]<mailto:[mailto:[email protected]]>
Sent: Tuesday, March 13, 2012 11:51 AM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform
On 03/13/2012 09:41 AM, [email protected]<mailto:[email protected]> wrote:
Pls see attached new console.log. Thanks.
If you follow the directions at http://port389.org/wiki/FAQ#Troubleshooting to
enable the Replication log level, the extra information will be in the
directory server errors log, not the console log -
/var/log/dirsrv/slapd-INST/errors
Mike
From: Rich Megginson [mailto:[email protected]]
Sent: Monday, March 12, 2012 3:14 PM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform
On 03/12/2012 12:39 PM, [email protected]<mailto:[email protected]> wrote:
Pls. see attached. Thx.
Hmm - nothing to go on there - please turn on the Replication log level and
reproduce the problem - then the errors log may contain more clues
http://port389.org/wiki/FAQ#Troubleshooting
Mike
From: Rich Megginson [mailto:[email protected]]
Sent: Monday, March 12, 2012 1:30 PM
To: General discussion list for the 389 Directory server project.
Cc: Michael James
Subject: Re: [389-users] LDAP server is unwilling to perform
On 03/12/2012 11:30 AM, [email protected]<mailto:[email protected]> wrote:
Thanks for your previous help. I built a new server, CentOS 6.2, added the
epel-389-ds-base and epel repos, then installed 389-ds via yum. I ran
setup-ds-admin.pl with the “Typical” setup option, user nobody, and registered
with one of our existing configuration servers. I created the supplier bind DN
on the new server per the installation docs.
At this point, I can’t establish a replication agreement. I open the
389-console on existing server and use the GUI to create a new replication
agreement on userRoot. I accepted the defaults, entered the correct bind DN and
password. At the end of the wizard, it fails with “LDAP server is unwilling to
perform”. In the error log, I see one error. Any help is appreciated. Thanks,
Mike
Can you run the console with -D 9 -f console.log, reproduce the problem, remove
any sensitive information from console.log, and post console.log to this list?
[12/Mar/2012:13:26:46 -0400] NSMMReplicationPlugin - agmtlist_add_callback:
Can't start agreement "cn=389 to analog-01v,cn=replica,cn=dc\3d<MY_DOMAIN>\2c
dc\3dcom,cn=mapping tree,cn=config"
--
389 users mailing list
[email protected]<mailto:[email protected]>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]<mailto:[email protected]>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]<mailto:[email protected]>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
