You should be able to reset this by setting the pw in the replication manager entry in the
cn=config of dse.ldif when the sevre is stopped, or you can use something like ldapmodify
/ ldapvi to reset the password.
As for excluding the pwpolicy, I'd need to double check the docs, I don't know
everything :)
On 3 Mar 2021, at 23:29, Chris Patterson <cpatter12(a)gmail.com>
wrote:
The replication was a multiple master between two RHEL 7.7 servers running 389 ds. It
really looks like the replication manager password expired. I found in a RH DS manual that
if a password expiration policy is in force to disable it on the replication manager. So
what I need is a way to either reset the replication manager password, probably from the
command line, or recreate it and recreate the replication agreement.
I also had to reset the directory manager password so I could in turn reset the admin
login on the 389 console gui.
On Tue, Mar 2, 2021 at 5:21 PM William Brown <wbrown(a)suse.de> wrote:
> On 3 Mar 2021, at 02:10, Chris Patterson <cpatter12(a)gmail.com> wrote:
>
> Using 389 DS and directory server replication is failing. I am getting:
>
> NSMMReplictionPlugin Unable to require replica for total update error 49 retrying
>
> NSMMReplicationPlugin bind_and_check_pwp Replication bind with SIMPLE auth failed
LDAP error 19 (constraint violation) (Exceed password retry limit)
>
> This used to work until the 180 password time frame happened on this new-ish server.
> I almost suspect it is the server wide password policy that has caused this
Can you please provide more details about the replication agreements and the accounts you
are using for authenticating these agreements?
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs, Australia
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs, Australia