On 3 Mar 2021, at 02:10, Chris Patterson <cpatter12(a)gmail.com&gt; wrote: Using 389 DS and directory server replication is failing. I am getting: NSMMReplictionPlugin Unable to require replica for total update error 49 retrying NSMMReplicationPlugin bind_and_check_pwp Replication bind with SIMPLE auth failed LDAP error 19 (constraint violation) (Exceed password retry limit) This used to work until the 180 password time frame happened on this new-ish server. I almost suspect it is the server wide password policy that has caused this

On 3 Mar 2021, at 23:29, Chris Patterson <cpatter12(a)gmail.com&gt; wrote: The replication was a multiple master between two RHEL 7.7 servers running 389 ds. It really looks like the replication manager password expired. I found in a RH DS manual that if a password expiration policy is in force to disable it on the replication manager. So what I need is a way to either reset the replication manager password, probably from the command line, or recreate it and recreate the replication agreement. I also had to reset the directory manager password so I could in turn reset the admin login on the 389 console gui. On Tue, Mar 2, 2021 at 5:21 PM William Brown <wbrown(a)suse.de&gt; wrote: > On 3 Mar 2021, at 02:10, Chris Patterson <cpatter12(a)gmail.com&gt; wrote: > > Using 389 DS and directory server replication is failing. I am getting: > > NSMMReplictionPlugin Unable to require replica for total update error 49 retrying > > NSMMReplicationPlugin bind_and_check_pwp Replication bind with SIMPLE auth failed LDAP error 19 (constraint violation) (Exceed password retry limit) > > This used to work until the 180 password time frame happened on this new-ish server. > I almost suspect it is the server wide password policy that has caused this Can you please provide more details about the replication agreements and the accounts you are using for authenticating these agreements? — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs, Australia _______________________________________________ 389-users mailing list -- 389-users(a)lists.fedoraproject.org To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure _______________________________________________ 389-users mailing list -- 389-users(a)lists.fedoraproject.org To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure