Hi folks,
We've got multi-master replication setup between two masters. The replication
recently broke after being stable for a few years, and in troubleshooting it
appears that the issue is that both masters have the same nsDS5ReplicaId
defined (both are set to 2). Both masters have nearly
I'm in a situation where I will need to have my two existing version 1.2.11.15
B2015.345.187 servers, set up for multi-master replication, do multi-master
replication with two additional 1.3 servers. Is there any known problem with
this and is anyone doing it?
Hi
I have tried to follow
http://directory.fedoraproject.org/docs/389ds/howto/howto-walkthroughmultimasterssl.html#set-up-multi-master-replication
to setup a multimaster setup with 389 LDAP servers. I have 2 servers and I
have clients connected to both using SSL to authenticate. Both servers
Hi,
I have two 389-ds servers. I want them to do multi-master replication to each
other. Beyond these 2, there are no other servers.
I tried to do this via the command-line, following RedHat's guide [2].
However, /var/log/dirsrv/slapd-*/errors says this:
[18/Mar/2014:15:02:10 -0500]
On Thu, Mar 6, 2014 at 12:19 PM, Chaudhari, Rohit K.
rohit.chaudh...@jhuapl.edu wrote:
Hi All,
I am trying to create multi-master replication in 389. But I am having
trouble using ldapmodify to create a replication manager DN account
I get the following error:
Additional info: TLS error
For testing I know TLS_REQCERT never works.
For production I use:
TLS_REQCERT demand
TLS_CACERT /path/to/ca_cert.pem
If TLS_REQCERT never works then there's something wrong with your cert most
likely. Though I'd expect a generic connection error if were just having a
problem verifying the
Okay, I will take a look and report back.
Thanks,
Rohit
On 3/6/14 12:58 PM, Morgan Jones mor...@morganjones.org wrote:
For testing I know TLS_REQCERT never works.
For production I use:
TLS_REQCERT demand
TLS_CACERT /path/to/ca_cert.pem
If TLS_REQCERT never works then there's something wrong
I had to put a -x after ldapmodify to make it use simple authentication
versus SASL. My 389 DS is not SASL enabled, but it does have a
self-signed CA certificate. When I tried to just set TLS_REQCERT never,
it did not work. I haven't tried testing the TLS_CACERT variable, where I
set exactly
Hi Noriko,
DS Base:389-Directory/1.3.1.3 B2013.189.1813
389 DS + Win2008 (I use my windows as CA)
The error came out again, so I decide to investigate it.
The error:
[10/Jul/2013:10:52:23 -0300] NSMMReplicationPlugin - agmt=cn=AD-HMG1
(hmg1:636): Trying secure slapi_ldap_init_ext
Hi man,
Where I can find the 1.3.1 source to download? I tried
http://directory.fedoraproject.org/wiki/Source#Directory_Server_Source_Code,
but it´s not available over there.
Alberto Viana
On Fri, Jul 5, 2013 at 3:24 PM, Alberto Viana alberto...@gmail.com wrote:
No. It's a new server cert
Alberto Viana wrote:
Hi,
I got it. Everything is working fine now, so it was something in the
old branch (1.3.0.4)
Glad to hear that. Thanks so much for the report. And please keep us
updated...
--noriko
Alberto Viana
On Mon, Jul 8, 2013 at 5:17 PM, Noriko Hosoi nho...@redhat.com
Alberto Viana wrote:
Hello,
DS base: 1.3.0.4
DS admin: 1.3.1.31
I´m trying to setup a new version of 389 DS multi master replication
with active directory(win 2008) and I´m getting the following erros:
[04/Jul/2013:16:57:32 -0300] NSMMReplicationPlugin - agmt=cn=AD-HMG1
(hmg1:636): binddn
Noriko,
In my 389 DS:
root@hmg2:~# certutil -L -d /opt/dirsrv/etc/dirsrv/slapd-RNP/
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
homolog-HMG1-CA CT,,
Here is my CA details:
Data:
Alberto Viana wrote:
I already imported my certificates into 389 ds and windows 2008. I use
win2008 as CA. Just to remeber that the same enviroment was
working fine with my previous 389DS version.
You upgraded 389-ds-base from 1.2.10.12 to 1.3.0.4 using in-place
upgrade? What is your
Norkio,
No, it's a new machine. I just rebuild everything.
I'm using Ubuntu 12.04.2 LTS.
Alberto Viana
On Fri, Jul 5, 2013 at 2:50 PM, Noriko Hosoi nho...@redhat.com wrote:
Alberto Viana wrote:
I already imported my certificates into 389 ds and windows 2008. I use
win2008 as CA. Just to
Alberto Viana wrote:
Norkio,
No, it's a new machine. I just rebuild everything.
When you switched to the new machine, you reuse the old server cert from
the previous DS or renewed it?
Subject: CN=hmg2.homolog.rnp,OU=GTI,O=Rede Nacional de Ensino
e Pesquisa,L=Rio de Janeiro,C=BR
And
No. It's a new server cert (it's the same name, but i prefered to revoke it
and generate a new one).
Yes, for sure. I will try to rebuild everything on this branch (and make
new certs just to ensure there is nothing related with it), and if the
error persist, I will try this other branch and let
Hello,
DS base: 1.3.0.4
DS admin: 1.3.1.31
I´m trying to setup a new version of 389 DS multi master replication with
active directory(win 2008) and I´m getting the following erros:
[04/Jul/2013:16:57:32 -0300] NSMMReplicationPlugin - agmt=cn=AD-HMG1
(hmg1:636): binddn = CN=Conta de
I have two 389 directory servers up and running with Multi Master
replication without SSL/TLS with simple authentication.
After battling through the SSL for client authentication I am not able to
configure StartTLS/Simple Authentication based Multi-Master replication.
When I change the
On 12/16/2012 09:22 AM, Colin Tulloch wrote:
Hi all – thanks for reading!
We're planning a deployment of RHDS in our environment right now. We
want to setup multi-mastering, however I'm confused by the 20 masters
per replication scenario limit that's in the Redhat documentation.
There
Hi all - thanks for reading!
We're planning a deployment of RHDS in our environment right now. We want to
setup multi-mastering, however I'm confused by the 20 masters per replication
scenario limit that's in the Redhat documentation. There doesn't seem to be
any explanation around this limit
-Original Message-
From: 389-users-boun...@lists.fedoraproject.org [mailto:389-users-
boun...@lists.fedoraproject.org] On Behalf Of Billy O'Connell
Sent: 10 November 2010 14:47
To: 389-users@lists.fedoraproject.org
Subject: [389-users] Multi Master Replication
Hi,
I have setup
, Gerrard Geldenhuis wrote:
-Original Message-
From: 389-users-boun...@lists.fedoraproject.org [mailto:389-users-
boun...@lists.fedoraproject.org] On Behalf Of Billy O'Connell
Sent: 10 November 2010 14:47
To: 389-users@lists.fedoraproject.org
Subject: [389-users] Multi Master
Rich, you mentioned in one of your answers regarding the limit of Masters in a
replicated environment , quote
There really isn't a limit. The limit was only for the old Red Hat Directory
Server, and only so far as customer support goes. The only real hard limit is
65534 masters.
I was
On 01/28/2010 05:45 PM, Ajeet S Raina wrote:
I have been following the link:
http://directory.fedoraproject.org/wiki/Howto:MultiMasterReplication to
setup Multi-Master Replication.
Are those enough steps? Dont we need to enable changelog manually
through Console.
Also, Don't we need to
25 matches
Mail list logo