I will take a look at the docs you suggest.  Having re-built this a few times the last time I made sure to write down my passwords and cut an paste them in so I would not have type-os.  But anything is possible.

Louis
On Jan 27, 2015, at 3:35 PM, Marc Sauton <msauton@redhat.com> wrote:

The error message "Unable to acquire replica: error: permission denied" seem to point to a mis-configuration of replication agreement for the DN used to BIND, like a wrong password if basic authentication is used, or a typo in the DN of the attribute nsDS5ReplicaBindDN
From http://port389.org/ , the documentation is at
http://www.port389.org/docs/389ds/documentation.html
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/index.html
and more specifically
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html
Thanks,
M.

On 01/27/2015 10:37 AM, Louis Bohm wrote:
I used the following docs to setup MMR on my CentOS 6.5 server:
I am not doing TLS between the master just between the clients and servers.  Now i am looking at the error logs and I am seeing an error in the log:

[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin - agmt="cn=ldap01.userRoot" (ldap02:389): State: wait_for_changes -> wait_for_changes
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin - agmt="cn=ldap01.userRoot" (ldap02:389): State: wait_for_changes -> start
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin - agmt="cn=ldap01.userRoot" (ldap02:389): No linger to cancel on the connection
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin - agmt="cn=ldap01.userRoot" (ldap02:389): Disconnected from the consumer
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin - agmt="cn=ldap01.userRoot" (ldap02:389): State: start -> ready_to_acquire_replica
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin - agmt="cn=ldap01.userRoot" (ldap02:389): State: ready_to_acquire_replica -> wait_for_changes
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347 op=3 Acquired consumer connection extension
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347 op=3 repl="dc=us1,dc=site,dc=com": Begin incremental protocol
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347 op=3 replica="dc=us1,dc=site,dc=com": Unable to acquire replica: error: permission denied
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347 op=3 repl="dc=us1,dc= site,dc=com": StartNSDS90ReplicationRequest: response=3 rc=0
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347 op=3 Relinquishing consumer connection extension
Any idea what it could be?  When I first set this up I did remember to init the replica.

Louis
 

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users