did you, by any chance, modify the password of the user in slave to the same value that is being replicated later?
On Thu, May 10, 2012 at 4:01 PM, houmles <[email protected]> wrote: > i have only 2 test users on that ldap, i am in testing phase before > deploying to live so definitely no one changing password. > this error popups in the same time as i changed the value and slave > tried to sync. > > On 05/10/2012 12:26 PM, Kiran Ayyagari wrote: >> this error is not related to replication, it is a password policy related >> error >> some user is trying to change the password but is giving a value that he has >> used earlier as password. >> >> >> On Thu, May 10, 2012 at 3:53 PM, houmles <[email protected]> wrote: >>> This error shows on slave server. I happens only when i tried to modify >>> any attribute. DN syncing works and don't have any errors. >>> >>> jvm 1 | [12:18:39] ERROR >>> [org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl] >>> - invalid reuse of password present in password history >>> jvm 1 | >>> org.apache.directory.shared.ldap.model.exception.LdapOperationException: >>> invalid reuse of password present in password history >>> jvm 1 | at >>> org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:956) >>> jvm 1 | at >>> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599) >>> jvm 1 | at >>> org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:248) >>> jvm 1 | at >>> org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:660) >>> jvm 1 | at >>> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:590) >>> jvm 1 | at >>> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:564) >>> jvm 1 | at >>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.modify(ReplicationConsumerImpl.java:985) >>> jvm 1 | at >>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.handleSearchResult(ReplicationConsumerImpl.java:361) >>> jvm 1 | at >>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.doSyncSearch(ReplicationConsumerImpl.java:618) >>> jvm 1 | at >>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.startSync(ReplicationConsumerImpl.java:505) >>> jvm 1 | at >>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.start(ReplicationConsumerImpl.java:548) >>> jvm 1 | at >>> org.apache.directory.server.ldap.LdapServer$2.run(LdapServer.java:660) >>> jvm 1 | at java.lang.Thread.run(Thread.java:722) >>> >>> On 05/10/2012 11:23 AM, Kiran Ayyagari wrote: >>>> this looks valid, do you have any error logs? >>>> >>>> On Thu, May 10, 2012 at 2:09 PM, houmles <[email protected]> wrote: >>>>> here it is: >>>>> >>>>> dn: >>>>> ads-replconsumerid=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers >>>>> ,ads-directoryServiceId=default,ou=config >>>>> objectclass: top >>>>> objectclass: ads-base >>>>> objectclass: ads-replConsumer >>>>> ads-replaliasderefmode: never >>>>> ads-replattributes: * >>>>> ads-replconsumerid: 1 >>>>> ads-replprovhostname: x.x.x.x >>>>> ads-replprovport: 10389 >>>>> ads-replrefreshinterval: 60000 >>>>> ads-replrefreshnpersist: true >>>>> ads-replsearchfilter: (objectClass=*) >>>>> ads-replsearchscope: sub >>>>> ads-replsearchsizelimit: 0 >>>>> ads-replsearchtimeout: 0 >>>>> ads-repluserdn: uid=admin,ou=system >>>>> ads-repluserpassword:: xxxxxxxxx >>>>> ads-searchbasedn: dc=xxx,dc=xx >>>>> ads-replstrictcertvalidation: false >>>>> ads-replusetls: false >>>>> >>>>> On 05/10/2012 10:29 AM, Kiran Ayyagari wrote: >>>>>> can you provide the complete entry data with DN >>>>>> >>>>>> ads-replConsumerId=<whatever-id-you-have-here>,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config >>>>>> >>>>>> (remove the seerver IP and user credentials if they are sensitive) >>>>>> >>>>>> On Thu, May 10, 2012 at 1:38 PM, houmles <[email protected]> wrote: >>>>>>> ups, forgot to mention 2.0.0-M6 >>>>>>> >>>>>>> On 05/10/2012 10:00 AM, Emmanuel Lécharny wrote: >>>>>>>> Le 5/10/12 9:48 AM, houmles a écrit : >>>>>>>>> Hi, >>>>>>>> Hi, >>>>>>>>> I have fully working one ADS and want to replicate it to another. I >>>>>>>>> followed some tutorial and managed to replicate it but only just >>>>>>>>> DN's. I >>>>>>>>> can't get to sync attributes inside. >>>>>>>>> >>>>>>>>> My setting are: >>>>>>>>> ads-replsearchfilter: (objectClass=*) >>>>>>>>> ads-replsearchscope: sub >>>>>>>>> >>>>>>>>> is that ok? >>>>>>>>> I want to achieve full 1:1 replication. >>>>>>>>> >>>>>>>>> Thanks >>>>>>>> Which ADS version are you using ? >>>>>>>> >>>>>>>> >>>> >> >> -- Kiran Ayyagari
