The error message "Unable to acquire replica: error: permission denied"
seem to point to a mis-configuration of replication agreement for the DN
used to BIND, like a wrong password if basic authentication is used, or
a typo in the DN of the attribute nsDS5ReplicaBindDN
From
http://port389.org/ , the documentation is at
http://www.port389.org/docs/389ds/documentation.html
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9....
and more specifically
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9....
Thanks,
M.
On 01/27/2015 10:37 AM, Louis Bohm wrote:
I used the following docs to setup MMR on my CentOS 6.5 server:
http://trialanderrorlinux.wordpress.com/2013/06/22/ldap-directory-server-...
http://linuxrackers.com/doku.php?id=389_directory_server_setup_using_cent...
http://directory.fedoraproject.org/docs/389ds/howto/howto-walkthroughmult...
http://admintweets.com/389-ds-directory-services-multi-master-replication...
I am not doing TLS between the master just between the clients and
servers. Now i am looking at the error logs and I am seeing an error
in the log:
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin -
agmt="cn=ldap01.userRoot" (ldap02:389): State: wait_for_changes ->
wait_for_changes
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin -
agmt="cn=ldap01.userRoot" (ldap02:389): State: wait_for_changes ->
start
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin -
agmt="cn=ldap01.userRoot" (ldap02:389): No linger to cancel on the
connection
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin -
agmt="cn=ldap01.userRoot" (ldap02:389): Disconnected from the consumer
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin -
agmt="cn=ldap01.userRoot" (ldap02:389): State: start ->
ready_to_acquire_replica
[27/Jan/2015:13:31:25 -0500] NSMMReplicationPlugin -
agmt="cn=ldap01.userRoot" (ldap02:389): State:
ready_to_acquire_replica -> wait_for_changes
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347
op=3 Acquired consumer connection extension
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347
op=3 repl="dc=us1,dc=site,dc=com": Begin incremental protocol
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347
op=3 replica="dc=us1,dc=site,dc=com": Unable to acquire replica:
error: permission denied
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347
op=3 repl="dc=us1,dc= site,dc=com": StartNSDS90ReplicationRequest:
response=3 rc=0
[27/Jan/2015:13:32:02 -0500] NSMMReplicationPlugin - conn=2347
op=3 Relinquishing consumer connection extension
Any idea what it could be? When I first set this up I did remember to
init the replica.
Louis
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users