i have only 2 test users on that ldap, i am in testing phase before deploying to live so definitely no one changing password. this error popups in the same time as i changed the value and slave tried to sync.
On 05/10/2012 12:26 PM, Kiran Ayyagari wrote: > this error is not related to replication, it is a password policy related > error > some user is trying to change the password but is giving a value that he has > used earlier as password. > > > On Thu, May 10, 2012 at 3:53 PM, houmles <[email protected]> wrote: >> This error shows on slave server. I happens only when i tried to modify >> any attribute. DN syncing works and don't have any errors. >> >> jvm 1 | [12:18:39] ERROR >> [org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl] >> - invalid reuse of password present in password history >> jvm 1 | >> org.apache.directory.shared.ldap.model.exception.LdapOperationException: >> invalid reuse of password present in password history >> jvm 1 | at >> org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:956) >> jvm 1 | at >> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599) >> jvm 1 | at >> org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:248) >> jvm 1 | at >> org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:660) >> jvm 1 | at >> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:590) >> jvm 1 | at >> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:564) >> jvm 1 | at >> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.modify(ReplicationConsumerImpl.java:985) >> jvm 1 | at >> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.handleSearchResult(ReplicationConsumerImpl.java:361) >> jvm 1 | at >> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.doSyncSearch(ReplicationConsumerImpl.java:618) >> jvm 1 | at >> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.startSync(ReplicationConsumerImpl.java:505) >> jvm 1 | at >> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.start(ReplicationConsumerImpl.java:548) >> jvm 1 | at >> org.apache.directory.server.ldap.LdapServer$2.run(LdapServer.java:660) >> jvm 1 | at java.lang.Thread.run(Thread.java:722) >> >> On 05/10/2012 11:23 AM, Kiran Ayyagari wrote: >>> this looks valid, do you have any error logs? >>> >>> On Thu, May 10, 2012 at 2:09 PM, houmles <[email protected]> wrote: >>>> here it is: >>>> >>>> dn: >>>> ads-replconsumerid=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers >>>> ,ads-directoryServiceId=default,ou=config >>>> objectclass: top >>>> objectclass: ads-base >>>> objectclass: ads-replConsumer >>>> ads-replaliasderefmode: never >>>> ads-replattributes: * >>>> ads-replconsumerid: 1 >>>> ads-replprovhostname: x.x.x.x >>>> ads-replprovport: 10389 >>>> ads-replrefreshinterval: 60000 >>>> ads-replrefreshnpersist: true >>>> ads-replsearchfilter: (objectClass=*) >>>> ads-replsearchscope: sub >>>> ads-replsearchsizelimit: 0 >>>> ads-replsearchtimeout: 0 >>>> ads-repluserdn: uid=admin,ou=system >>>> ads-repluserpassword:: xxxxxxxxx >>>> ads-searchbasedn: dc=xxx,dc=xx >>>> ads-replstrictcertvalidation: false >>>> ads-replusetls: false >>>> >>>> On 05/10/2012 10:29 AM, Kiran Ayyagari wrote: >>>>> can you provide the complete entry data with DN >>>>> >>>>> ads-replConsumerId=<whatever-id-you-have-here>,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config >>>>> >>>>> (remove the seerver IP and user credentials if they are sensitive) >>>>> >>>>> On Thu, May 10, 2012 at 1:38 PM, houmles <[email protected]> wrote: >>>>>> ups, forgot to mention 2.0.0-M6 >>>>>> >>>>>> On 05/10/2012 10:00 AM, Emmanuel Lécharny wrote: >>>>>>> Le 5/10/12 9:48 AM, houmles a écrit : >>>>>>>> Hi, >>>>>>> Hi, >>>>>>>> I have fully working one ADS and want to replicate it to another. I >>>>>>>> followed some tutorial and managed to replicate it but only just DN's. >>>>>>>> I >>>>>>>> can't get to sync attributes inside. >>>>>>>> >>>>>>>> My setting are: >>>>>>>> ads-replsearchfilter: (objectClass=*) >>>>>>>> ads-replsearchscope: sub >>>>>>>> >>>>>>>> is that ok? >>>>>>>> I want to achieve full 1:1 replication. >>>>>>>> >>>>>>>> Thanks >>>>>>> Which ADS version are you using ? >>>>>>> >>>>>>> >>> > >
