> On 13 Nov 2019, at 08:13, Mark Reynolds <mreyno...@redhat.com> wrote: > > > On 11/12/19 4:47 PM, Graham Leggett wrote: >> Hi all, >> >> We have a long standing 389ds master LDAP server that was found to be unable >> to contact it’s slaves. Most specifically, the slaves show nothing in their >> logs about any kind of connection, while the master is logging this: >> >> [12/Nov/2019:21:39:47.212715697 +0000] - ERR - slapi_ldap_bind - Could not >> send bind request for id [(anon)] authentication mechanism [EXTERNAL]: error >> -1 (Can't contact LDAP server), system error 0 (no error), network error 0 >> (Unknown error, host “ldap01:636”) >> > What is the bind method of the agreement? SSLCLIENTAUTH? The problem is > that the ID is anonymous (anon). So it's not binding correctly to the > consumer. What do you have for these attributes in the replication > agreement:
Hmmm, ldap01:636 also seems like a bad hostname too? > > > > This is what I have: > > dn: cn=blah,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config > > nsDS5ReplicaBindMethod: sslclientauth > nsDS5ReplicaTransportInfo: LDAPS > nsDS5ReplicaBindDN: cn=replication manager,cn=config > > > > Mark > >> Key is "system error 0 (no error)”, which leaves us stumped. The error is >> obviously “success”. >> >> Has anyone seen this kind of thing before? >> >> This is 389ds running on CentOS7 as follows: >> >> 389-ds-base-1.3.9.1-10.el7.x86_64 >> >> Regards, >> Graham >> — >> >> >> >> >> _______________________________________________ >> 389-users mailing list -- >> 389-users@lists.fedoraproject.org >> >> To unsubscribe send an email to >> 389-users-le...@lists.fedoraproject.org >> >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> >> List Guidelines: >> https://fedoraproject.org/wiki/Mailing_list_guidelines >> >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org > -- > > 389 Directory Server Development Team > > _______________________________________________ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
