--On Monday, February 03, 2014 3:31 PM -0500 "Borresen, John - 0442 - MITLL" John.Borresen@ll.mit.edu wrote:
Thanks for your assistance Quanah!
About the userPassword attributes...
On Apache Directory Studio (we only normally use it as a quick visual reference)...but, we bind both servers as cn=ldapadmin,dc=example,dc=ldap & cn=admin,cn=config (plus now uid=replicator,ou=Admins,dc=example,dc=ldap).
I just tested an ldapsearch by binding to the uid=replicator and the userPassword attribute returns when searching for it...though both are different from each other (verified with other users "jdoe2" and "jdoe3", etc)
If it is correct via ldapsearch, that is what counts. ADS may be attempting some security by hiding userPassword?
Supposedly, if I update one server, the other server should update, too. That is if they are properly talking. Correct?
And assuming your masters are in sync to start with, which is critical when thinking about replication. It would appear you've been allowing writes ops to each master prior to getting replication working?
I believe you mentioned before this is a test environment. I would suggest you reload your secondary master from the primary master, and then test replication.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
Hmmmmmmmm,
Taking your advice to reload the secondary from the primary...by creating master set of ldifs off of the primary (mm-server1):
On the primary (mm-server1): # slapcat -F /usr/local/openldap/etc/openldap/slapd.d -l backup/example_ldap.ldif -b dc=example,dc=ldap 52f000f2 ldif_read_file: checksum error on "/usr/local/openldap/etc/openldap/slapd.d/cn=config.ldif" 52f000f2 bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
On the secondary (mm-server2): the same command worked...
Thanks in advance John
-----Original Message----- From: Quanah Gibson-Mount [mailto:quanah@zimbra.com] Sent: Monday, February 03, 2014 3:37 PM To: Borresen, John - 0442 - MITLL; openldap-technical@openldap.org Subject: RE: Syncrepl and mmr
--On Monday, February 03, 2014 3:31 PM -0500 "Borresen, John - 0442 - MITLL" John.Borresen@ll.mit.edu wrote:
Thanks for your assistance Quanah!
About the userPassword attributes...
On Apache Directory Studio (we only normally use it as a quick visual reference)...but, we bind both servers as cn=ldapadmin,dc=example,dc=ldap & cn=admin,cn=config (plus now uid=replicator,ou=Admins,dc=example,dc=ldap).
I just tested an ldapsearch by binding to the uid=replicator and the userPassword attribute returns when searching for it...though both are different from each other (verified with other users "jdoe2" and "jdoe3", etc)
If it is correct via ldapsearch, that is what counts. ADS may be attempting some security by hiding userPassword?
Supposedly, if I update one server, the other server should update, too. That is if they are properly talking. Correct?
And assuming your masters are in sync to start with, which is critical when thinking about replication. It would appear you've been allowing writes ops to each master prior to getting replication working?
I believe you mentioned before this is a test environment. I would suggest you reload your secondary master from the primary master, and then test replication.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
-
Borresen, John - 0442 - MITLL -
Quanah Gibson-Mount