AD group/user sync question
by Vesa Alho
Hi,
I have now 389 to AD sync working (thanks Rich!). Another question
related to that.
There are currently two Windows sync agreements:
1. Users
ou=People,dc=domain,dc=com <==> cn=Users,dc=domain,dc=com
2. Projects
ou=Projects,ou=Groups,dc=domain,dc=com <==> ou=Projects,dc=domain,dc=com
Problem:
cn=Project1,ou=Projects,ou=Groups,dc=domain,dc=com has group members
defined like this:
...
uniqueMember: uid=user,ou=People,dc=domain,dc=com
...
I get the following replication error:
map_dn_values: this entry is not ours uid=user,ou=People,dc=domain,dc=com
I guess it means that I can't mix groups and users from different sync
agreements? How would I solve this scenario then?
Mr. Vesa Alho
11 years, 1 month
How to make sure that all slave server has same data
by Fosiul Alam
Hi
I just wanted to know whats the best practice to make sure all Slave
as same data as master.
while reading on google, i got bellow command also 1 script to
monitor ldap replication status.
[root@blob]# ldapsearch -x -b "cn=mapping tree,cn=config" -D
"cn=Directory Manager" -w YOURPASSWORD
objectClass=nsDS5ReplicationAgreement nsds5replicaLastUpdateStatus -LL
I have checked this against our 6 slave server and they all returned :
nsds5replicaLastUpdateStatus: 0 Incremental update succeeded
but still one of the slave did not have same data as master ,
after I reinitialise the slave replication , the data was Ok
So if i want to create a script to monitor slave replication status
and wants to make sure that all slave as same data as master
what will be the best practice ??
Thanks
Fosiul
11 years, 1 month
invalid password syntax - passwords with storage scheme are not allowed
by Fosiul Alam
Hi Expert
We have 389 server installed with ssl enabled.
When we try to change password from centos 5 servers its fine . but
from centos 6, i get bellow error :
Changing password for user testuser
Enter login(LDAP) password:
New password:
Retype new password:
LDAP password information update failed: Constraint violation
invalid password syntax - passwords with storage scheme are not allowed
passwd: Authentication token manipulation error
we have this in /etc/ldap.conf
ssl start_tls
tls_cacertfile /etc/openldap/cert/ourcert.crt
pam_password clear
same /etc/ldap.conf works fine in centos5 but for centos6 its looks
like not working
what shall i do ??
Thanks for help
11 years, 1 month