FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 10-14-2008, 10:42 PM
"Vipul Ramani"
 
Default SYNC without password ...

Hi All ,

I am doing Active directory ----> FDS ( ssl) , all attribute is replicated from ADC ---> FDS .. But i am not able to see password attribute in FDS ?

Replication
FDS - working as master

Passync for replication

*replication is happening from Active Directory:636 ---- > FDS : 636 .


Am i am missing something ...

------Adc user profile , which is replicated in FDS -------
dn: uid=vramani, ou=People, dc=tf-lab,dc=test,dc=com

ntUniqueId: f96921fe188c4b47a243ab088512103d
givenName: vipul
sn: r
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
uid: vramani

ntUserDeleteAccount: true
cn: vipul r
ntUserDomainId: vramani
ntUserAcctExpires: 9223372036854775807
ntUserCodePage: 0
------
----acess------


[14/Oct/2008:08:37:16 -0700] conn=4 op=170 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL

[14/Oct/2008:08:37:16 -0700] conn=4 op=170 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:17 -0700] conn=4 op=171 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"

[14/Oct/2008:08:37:17 -0700] conn=4 op=171 RESULT err=0 tag=101 nentries=0 etime=1
[14/Oct/2008:08:37:19 -0700] conn=4 op=173 SRCH base="dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:19 -0700] conn=4 op=173 RESULT err=0 tag=101 nentries=1 etime=0

[14/Oct/2008:08:37:19 -0700] conn=4 op=174 SRCH base="dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:19 -0700] conn=4 op=174 RESULT err=0 tag=101 nentries=1 etime=0

[14/Oct/2008:08:37:20 -0700] conn=4 op=175 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:20 -0700] conn=4 op=175 RESULT err=0 tag=101 nentries=1 etime=0[14/Oct/2008:08:37:26 -0700] conn=3 op=122 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL

[14/Oct/2008:08:37:26 -0700] conn=3 op=122 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:27 -0700] conn=3 op=124 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" [14/Oct/2008:08:37:27 -0700] conn=3 op=124 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:27 -0700] conn=3 op=125 SRCH base="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry ))" attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus nsds5replicaUpdateInProgress nsds5replicaLastInitStart nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"

[14/Oct/2008:08:37:27 -0700] conn=3 op=125 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:31 -0700] conn=3 op=126 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:31 -0700] conn=3 op=126 RESULT err=0 tag=101 nentries=1 etime=0

[14/Oct/2008:08:37:31 -0700] conn=3 op=127 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"
[14/Oct/2008:08:37:31 -0700] conn=3 op=127 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:31 -0700] conn=3 op=128 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"

[14/Oct/2008:08:37:31 -0700] conn=3 op=128 RESULT err=0 tag=103 nentries=0 etime=0
[14/Oct/2008:08:37:37 -0700] conn=4 op=176 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"

[14/Oct/2008:08:37:37 -0700] conn=4 op=176 RESULT err=0 tag=101 nentries=18 etime=0
------


thanks in Adv...


--
Regards

Vipul Ramani



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-15-2008, 12:10 AM
"Vipul Ramani"
 
Default SYNC without password ...

--- passyc log ---

10/14/08 17:05:56: Failed to load entries from file
10/14/08 17:05:56: Ldap bind error in Connect
*** 48: Inappropriate authentication
10/14/08 17:05:56: Can not connect to ldap server in SyncPasswords

-----------------------------

ADC ( where passysnc installed )* #




On the Directory Server, export the server certificate using pk12util.


FDS# pk12util -d . -o servercert.pfx -n Server-Cert
then ,

Import the server certificate from the Directory Server into the new certificate databases using pk12util.exe.

pk12util.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -i servercert.pfx

then


Give trusted peer status to the server.


certutil.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -M
-n Server-Cert -t "P,P,P"


C:Program Files (x86)Red Hat Directory Password Synchronization>certutil.exe -

L -d . -P
CA certificate*************************************** ******* c,c,c
Server-Cert********************************************** *** Pu,Pu,Pu** <-- imported from FDS

C:Program Files (x86)Red Hat Directory Password Synchronization>

---------------------------

still same error . ...





On Tue, Oct 14, 2008 at 3:42 PM, Vipul Ramani <vipulramani@gmail.com> wrote:

Hi All ,

I am doing Active directory ----> FDS ( ssl) , all attribute is replicated from ADC ---> FDS .. But i am not able to see password attribute in FDS ?


Replication
FDS - working as master

Passync for replication

*replication is happening from Active Directory:636 ---- > FDS : 636 .


Am i am missing something ...

------Adc user profile , which is replicated in FDS -------
dn: uid=vramani, ou=People, dc=tf-lab,dc=test,dc=com


ntUniqueId: f96921fe188c4b47a243ab088512103d
givenName: vipul
sn: r
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
uid: vramani


ntUserDeleteAccount: true
cn: vipul r
ntUserDomainId: vramani
ntUserAcctExpires: 9223372036854775807
ntUserCodePage: 0
------
----acess------


[14/Oct/2008:08:37:16 -0700] conn=4 op=170 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL


[14/Oct/2008:08:37:16 -0700] conn=4 op=170 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:17 -0700] conn=4 op=171 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"


[14/Oct/2008:08:37:17 -0700] conn=4 op=171 RESULT err=0 tag=101 nentries=0 etime=1
[14/Oct/2008:08:37:19 -0700] conn=4 op=173 SRCH base="dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:19 -0700] conn=4 op=173 RESULT err=0 tag=101 nentries=1 etime=0


[14/Oct/2008:08:37:19 -0700] conn=4 op=174 SRCH base="dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:19 -0700] conn=4 op=174 RESULT err=0 tag=101 nentries=1 etime=0


[14/Oct/2008:08:37:20 -0700] conn=4 op=175 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:20 -0700] conn=4 op=175 RESULT err=0 tag=101 nentries=1 etime=0[14/Oct/2008:08:37:26 -0700] conn=3 op=122 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL


[14/Oct/2008:08:37:26 -0700] conn=3 op=122 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:27 -0700] conn=3 op=124 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" [14/Oct/2008:08:37:27 -0700] conn=3 op=124 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:27 -0700] conn=3 op=125 SRCH base="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry ))" attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus nsds5replicaUpdateInProgress nsds5replicaLastInitStart nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"


[14/Oct/2008:08:37:27 -0700] conn=3 op=125 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:31 -0700] conn=3 op=126 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:31 -0700] conn=3 op=126 RESULT err=0 tag=101 nentries=1 etime=0


[14/Oct/2008:08:37:31 -0700] conn=3 op=127 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"
[14/Oct/2008:08:37:31 -0700] conn=3 op=127 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:31 -0700] conn=3 op=128 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"


[14/Oct/2008:08:37:31 -0700] conn=3 op=128 RESULT err=0 tag=103 nentries=0 etime=0
[14/Oct/2008:08:37:37 -0700] conn=4 op=176 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"


[14/Oct/2008:08:37:37 -0700] conn=4 op=176 RESULT err=0 tag=101 nentries=18 etime=0
------


thanks in Adv...




--
Regards

Vipul Ramani




--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-15-2008, 12:26 AM
"Vipul Ramani"
 
Default SYNC without password ...

I feel i am so close to solve this problem ..since long time .. if any 1 have clue where what i forgot ...


I changed password of cn=replication,cn=config

and now only i am getting error

----passsync log ----

10/14/08 17:24:19: Failed to load entries from file***** ##### I dont know Failed to load entires from FILE* ( WHICH PassSync talking about ) #####
10/14/08 17:26:41: Failed to load entries from file

10/14/08 17:26:41: PassSync service stopped
10/14/08 17:26:42: PassSync service started
10/14/08 17:26:42: Failed to load entries from file

----------------
* /var/log/dir-serv/slapd-linux2/access*



[14/Oct/2008:10:21:20 -0700] conn=38 fd=69 slot=69 SSL connection from 192.168.1.200 to 192.168.1.210
[14/Oct/2008:10:21:20 -0700] conn=38 SSL 128-bit RC4

[14/Oct/2008:10:21:20 -0700] conn=38 op=0 BIND dn="cn=replication,cn=config" method=128 version=2
[14/Oct/2008:10:21:20 -0700] conn=38 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication,cn=config"

[14/Oct/2008:10:21:20 -0700] conn=38 op=1 UNBIND
[14/Oct/2008:10:21:20 -0700] conn=38 op=1 fd=69 closed - U1
[14/Oct/2008:10:21:21 -0700] conn=39 fd=69 slot=69 SSL connection from 192.168.1.200 to 192.168.1.210

[14/Oct/2008:10:21:21 -0700] conn=39 SSL 128-bit RC4
[14/Oct/2008:10:21:21 -0700] conn=39 op=0 BIND dn="cn=replication,cn=config" method=128 version=2
[14/Oct/2008:10:21:21 -0700] conn=39 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication,cn=config"

[14/Oct/2008:10:21:21 -0700] conn=39 op=1 UNBIND
[14/Oct/2008:10:21:21 -0700] conn=39 op=1 fd=69 closed - U1

/var/log/dir-serv/slapd-linux2/errors** NO ERRORs ..

On Tue, Oct 14, 2008 at 5:10 PM, Vipul Ramani <vipulramani@gmail.com> wrote:


--- passyc log ---

10/14/08 17:05:56: Failed to load entries from file

10/14/08 17:05:56: Ldap bind error in Connect
*** 48: Inappropriate authentication
10/14/08 17:05:56: Can not connect to ldap server in SyncPasswords

-----------------------------

ADC ( where passysnc installed )* #




On the Directory Server, export the server certificate using pk12util.


FDS# pk12util -d . -o servercert.pfx -n Server-Cert
then ,

Import the server certificate from the Directory Server into the new certificate databases using pk12util.exe.

pk12util.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -i servercert.pfx

then


Give trusted peer status to the server.


certutil.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -M
-n Server-Cert -t "P,P,P"


C:Program Files (x86)Red Hat Directory Password Synchronization>certutil.exe -


L -d . -P
CA certificate*************************************** ******* c,c,c
Server-Cert********************************************** *** Pu,Pu,Pu** <-- imported from FDS

C:Program Files (x86)Red Hat Directory Password Synchronization>


---------------------------

still same error . ...





On Tue, Oct 14, 2008 at 3:42 PM, Vipul Ramani <vipulramani@gmail.com> wrote:


Hi All ,

I am doing Active directory ----> FDS ( ssl) , all attribute is replicated from ADC ---> FDS .. But i am not able to see password attribute in FDS ?



Replication
FDS - working as master

Passync for replication

*replication is happening from Active Directory:636 ---- > FDS : 636 .


Am i am missing something ...

------Adc user profile , which is replicated in FDS -------
dn: uid=vramani, ou=People, dc=tf-lab,dc=test,dc=com



ntUniqueId: f96921fe188c4b47a243ab088512103d
givenName: vipul
sn: r
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
uid: vramani



ntUserDeleteAccount: true
cn: vipul r
ntUserDomainId: vramani
ntUserAcctExpires: 9223372036854775807
ntUserCodePage: 0
------
----acess------


[14/Oct/2008:08:37:16 -0700] conn=4 op=170 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL



[14/Oct/2008:08:37:16 -0700] conn=4 op=170 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:17 -0700] conn=4 op=171 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"



[14/Oct/2008:08:37:17 -0700] conn=4 op=171 RESULT err=0 tag=101 nentries=0 etime=1
[14/Oct/2008:08:37:19 -0700] conn=4 op=173 SRCH base="dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:19 -0700] conn=4 op=173 RESULT err=0 tag=101 nentries=1 etime=0



[14/Oct/2008:08:37:19 -0700] conn=4 op=174 SRCH base="dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:19 -0700] conn=4 op=174 RESULT err=0 tag=101 nentries=1 etime=0



[14/Oct/2008:08:37:20 -0700] conn=4 op=175 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:20 -0700] conn=4 op=175 RESULT err=0 tag=101 nentries=1 etime=0[14/Oct/2008:08:37:26 -0700] conn=3 op=122 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL



[14/Oct/2008:08:37:26 -0700] conn=3 op=122 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:27 -0700] conn=3 op=124 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" [14/Oct/2008:08:37:27 -0700] conn=3 op=124 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:27 -0700] conn=3 op=125 SRCH base="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry ))" attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus nsds5replicaUpdateInProgress nsds5replicaLastInitStart nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"



[14/Oct/2008:08:37:27 -0700] conn=3 op=125 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:31 -0700] conn=3 op=126 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:31 -0700] conn=3 op=126 RESULT err=0 tag=101 nentries=1 etime=0



[14/Oct/2008:08:37:31 -0700] conn=3 op=127 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"
[14/Oct/2008:08:37:31 -0700] conn=3 op=127 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:31 -0700] conn=3 op=128 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"



[14/Oct/2008:08:37:31 -0700] conn=3 op=128 RESULT err=0 tag=103 nentries=0 etime=0
[14/Oct/2008:08:37:37 -0700] conn=4 op=176 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"



[14/Oct/2008:08:37:37 -0700] conn=4 op=176 RESULT err=0 tag=101 nentries=18 etime=0
------


thanks in Adv...




--
Regards

Vipul Ramani







--
Regards

Vipul Ramani



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-15-2008, 08:59 PM
"Vipul Ramani"
 
Default SYNC without password ...

Any luck ??? any 1 one who had pass through same problem ...

Clueless no errors ( FDS , ADC ) only PassSync Error ..which is mentioned below ...



On Tue, Oct 14, 2008 at 5:26 PM, Vipul Ramani <vipulramani@gmail.com> wrote:


I feel i am so close to solve this problem ..since long time .. if any 1 have clue where what i forgot ...



I changed password of cn=replication,cn=config

and now only i am getting error

----passsync log ----

10/14/08 17:24:19: Failed to load entries from file***** ##### I dont know Failed to load entires from FILE* ( PassSync talking about which file* ) #####
10/14/08 17:26:41: Failed to load entries from file


10/14/08 17:26:41: PassSync service stopped
10/14/08 17:26:42: PassSync service started
10/14/08 17:26:42: Failed to load entries from file

----------------
* /var/log/dir-serv/slapd-linux2/access*




[14/Oct/2008:10:21:20 -0700] conn=38 fd=69 slot=69 SSL connection from 192.168.1.200 to 192.168.1.210
[14/Oct/2008:10:21:20 -0700] conn=38 SSL 128-bit RC4


[14/Oct/2008:10:21:20 -0700] conn=38 op=0 BIND dn="cn=replication,cn=config" method=128 version=2
[14/Oct/2008:10:21:20 -0700] conn=38 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication,cn=config"


[14/Oct/2008:10:21:20 -0700] conn=38 op=1 UNBIND
[14/Oct/2008:10:21:20 -0700] conn=38 op=1 fd=69 closed - U1
[14/Oct/2008:10:21:21 -0700] conn=39 fd=69 slot=69 SSL connection from 192.168.1.200 to 192.168.1.210


[14/Oct/2008:10:21:21 -0700] conn=39 SSL 128-bit RC4
[14/Oct/2008:10:21:21 -0700] conn=39 op=0 BIND dn="cn=replication,cn=config" method=128 version=2
[14/Oct/2008:10:21:21 -0700] conn=39 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication,cn=config"


[14/Oct/2008:10:21:21 -0700] conn=39 op=1 UNBIND
[14/Oct/2008:10:21:21 -0700] conn=39 op=1 fd=69 closed - U1

/var/log/dir-serv/slapd-linux2/errors** NO ERRORs ..


On Tue, Oct 14, 2008 at 5:10 PM, Vipul Ramani <vipulramani@gmail.com> wrote:


--- passyc log ---

10/14/08 17:05:56: Failed to load entries from file


10/14/08 17:05:56: Ldap bind error in Connect
*** 48: Inappropriate authentication
10/14/08 17:05:56: Can not connect to ldap server in SyncPasswords

-----------------------------

ADC ( where passysnc installed )* #




On the Directory Server, export the server certificate using pk12util.


FDS# pk12util -d . -o servercert.pfx -n Server-Cert
then ,

Import the server certificate from the Directory Server into the new certificate databases using pk12util.exe.

pk12util.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -i servercert.pfx

then


Give trusted peer status to the server.


certutil.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -M
-n Server-Cert -t "P,P,P"


C:Program Files (x86)Red Hat Directory Password Synchronization>certutil.exe -



L -d . -P
CA certificate*************************************** ******* c,c,c
Server-Cert********************************************** *** Pu,Pu,Pu** <-- imported from FDS

C:Program Files (x86)Red Hat Directory Password Synchronization>



---------------------------

still same error . ...





On Tue, Oct 14, 2008 at 3:42 PM, Vipul Ramani <vipulramani@gmail.com> wrote:



Hi All ,

I am doing Active directory ----> FDS ( ssl) , all attribute is replicated from ADC ---> FDS .. But i am not able to see password attribute in FDS ?




Replication
FDS - working as master

Passync for replication

*replication is happening from Active Directory:636 ---- > FDS : 636 .


Am i am missing something ...

------Adc user profile , which is replicated in FDS -------
dn: uid=vramani, ou=People, dc=tf-lab,dc=test,dc=com




ntUniqueId: f96921fe188c4b47a243ab088512103d
givenName: vipul
sn: r
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
uid: vramani




ntUserDeleteAccount: true
cn: vipul r
ntUserDomainId: vramani
ntUserAcctExpires: 9223372036854775807
ntUserCodePage: 0
------
----acess------


[14/Oct/2008:08:37:16 -0700] conn=4 op=170 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL




[14/Oct/2008:08:37:16 -0700] conn=4 op=170 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:17 -0700] conn=4 op=171 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"




[14/Oct/2008:08:37:17 -0700] conn=4 op=171 RESULT err=0 tag=101 nentries=0 etime=1
[14/Oct/2008:08:37:19 -0700] conn=4 op=173 SRCH base="dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:19 -0700] conn=4 op=173 RESULT err=0 tag=101 nentries=1 etime=0




[14/Oct/2008:08:37:19 -0700] conn=4 op=174 SRCH base="dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:19 -0700] conn=4 op=174 RESULT err=0 tag=101 nentries=1 etime=0




[14/Oct/2008:08:37:20 -0700] conn=4 op=175 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:20 -0700] conn=4 op=175 RESULT err=0 tag=101 nentries=1 etime=0[14/Oct/2008:08:37:26 -0700] conn=3 op=122 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL




[14/Oct/2008:08:37:26 -0700] conn=3 op=122 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:27 -0700] conn=3 op=124 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" [14/Oct/2008:08:37:27 -0700] conn=3 op=124 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:27 -0700] conn=3 op=125 SRCH base="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry ))" attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus nsds5replicaUpdateInProgress nsds5replicaLastInitStart nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"




[14/Oct/2008:08:37:27 -0700] conn=3 op=125 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:31 -0700] conn=3 op=126 SRCH base="cn=replication,cn=config" scope=2 filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:31 -0700] conn=3 op=126 RESULT err=0 tag=101 nentries=1 etime=0




[14/Oct/2008:08:37:31 -0700] conn=3 op=127 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"
[14/Oct/2008:08:37:31 -0700] conn=3 op=127 RESULT err=0 tag=103 nentries=0 etime=0[14/Oct/2008:08:37:31 -0700] conn=3 op=128 MOD dn="cn=Vedant, cn=replica, cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"




[14/Oct/2008:08:37:31 -0700] conn=3 op=128 RESULT err=0 tag=103 nentries=0 etime=0
[14/Oct/2008:08:37:37 -0700] conn=4 op=176 SRCH base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1 filter="(objectClass=*)" attrs="objectClass"




[14/Oct/2008:08:37:37 -0700] conn=4 op=176 RESULT err=0 tag=101 nentries=18 etime=0
------


thanks in Adv...




--
Regards

Vipul Ramani








--
Regards

Vipul Ramani





--
Regards

Vipul Ramani



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-15-2008, 09:05 PM
Rich Megginson
 
Default SYNC without password ...

Vipul Ramani wrote:

Any luck ??? any 1 one who had pass through same problem ...

Clueless no errors ( FDS , ADC ) only PassSync Error ..which is
mentioned below ...




On Tue, Oct 14, 2008 at 5:26 PM, Vipul Ramani <vipulramani@gmail.com
<mailto:vipulramani@gmail.com>> wrote:



I feel i am so close to solve this problem ..since long time .. if
any 1 have clue where what i forgot ...


I changed password of cn=replication,cn=config

and now only i am getting error
----passsync log ----

10/14/08 17:24:19: Failed to load entries from file ##### I
dont know Failed to load entires from FILE *( PassSync talking
about which file ) *#####
10/14/08 17:26:41: Failed to load entries from file
10/14/08 17:26:41: PassSync service stopped
10/14/08 17:26:42: PassSync service started
10/14/08 17:26:42: Failed to load entries from file

I'm not sure, but I think this means that there were no passwords to
sync from AD to Fedora DS. It keeps a queue of passwords to send in a
file (encrypted).



----------------
/var/log/dir-serv/slapd-linux2/access



[14/Oct/2008:10:21:20 -0700] conn=38 fd=69 slot=69 SSL connection
from 192.168.1.200 <http://192.168.1.200> to 192.168.1.210
<http://192.168.1.210>
[14/Oct/2008:10:21:20 -0700] conn=38 SSL 128-bit RC4
[14/Oct/2008:10:21:20 -0700] conn=38 op=0 BIND
dn="cn=replication,cn=config" method=128 version=2
[14/Oct/2008:10:21:20 -0700] conn=38 op=0 RESULT err=0 tag=97
nentries=0 etime=0 dn="cn=replication,cn=config"
[14/Oct/2008:10:21:20 -0700] conn=38 op=1 UNBIND
[14/Oct/2008:10:21:20 -0700] conn=38 op=1 fd=69 closed - U1
[14/Oct/2008:10:21:21 -0700] conn=39 fd=69 slot=69 SSL connection
from 192.168.1.200 <http://192.168.1.200> to 192.168.1.210
<http://192.168.1.210>
[14/Oct/2008:10:21:21 -0700] conn=39 SSL 128-bit RC4
[14/Oct/2008:10:21:21 -0700] conn=39 op=0 BIND
dn="cn=replication,cn=config" method=128 version=2
[14/Oct/2008:10:21:21 -0700] conn=39 op=0 RESULT err=0 tag=97
nentries=0 etime=0 dn="cn=replication,cn=config"
[14/Oct/2008:10:21:21 -0700] conn=39 op=1 UNBIND
[14/Oct/2008:10:21:21 -0700] conn=39 op=1 fd=69 closed - U1

/var/log/dir-serv/slapd-linux2/errors NO ERRORs ..

On Tue, Oct 14, 2008 at 5:10 PM, Vipul Ramani
<vipulramani@gmail.com <mailto:vipulramani@gmail.com>> wrote:


--- passyc log ---

10/14/08 17:05:56: Failed to load entries from file
10/14/08 17:05:56: Ldap bind error in Connect
48: Inappropriate authentication
10/14/08 17:05:56: Can not connect to ldap server in SyncPasswords
-----------------------------

ADC ( where passysnc installed ) #

On the Directory Server, export the server certificate using
|pk12util|.

FDS# pk12util -d . -o servercert.pfx -n Server-Cert


then ,

Import the server certificate from the Directory Server into
the new certificate databases using p|k12util.exe|.

pk12util.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -i servercert.pfx



then

Give trusted peer status to the server.

certutil.exe -d "C:Program FilesRed Hat Directory Password Synchronization" -M
-n Server-Cert -t "P,P,P"





C:Program Files (x86)Red Hat Directory Password
Synchronization>certutil.exe -
L -d . -P
CA certificate c,c,c
Server-Cert
Pu,Pu,Pu <-- imported from FDS


C:Program Files (x86)Red Hat Directory Password Synchronization>
---------------------------

still same error . ...





On Tue, Oct 14, 2008 at 3:42 PM, Vipul Ramani
<vipulramani@gmail.com <mailto:vipulramani@gmail.com>> wrote:

Hi All ,

I am doing Active directory ----> FDS ( ssl) , all
attribute is replicated from ADC ---> FDS .. But i am not
able to see password attribute in FDS ?

Replication
FDS - working as master
Passync for replication

replication is happening from Active Directory:636 ---- >
FDS : 636 .


Am i am missing something ...

------Adc user profile , which is replicated in FDS -------
dn: uid=vramani, ou=People, dc=tf-lab,dc=test,dc=com
ntUniqueId: f96921fe188c4b47a243ab088512103d
givenName: vipul
sn: r
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
uid: vramani
ntUserDeleteAccount: true
cn: vipul r
ntUserDomainId: vramani
ntUserAcctExpires: 9223372036854775807
ntUserCodePage: 0
------
----acess------


[14/Oct/2008:08:37:16 -0700] conn=4 op=170 SRCH
base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0
filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:16 -0700] conn=4 op=170 RESULT err=0
tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:17 -0700] conn=4 op=171 SRCH
base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1
filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:17 -0700] conn=4 op=171 RESULT err=0
tag=101 nentries=0 etime=1
[14/Oct/2008:08:37:19 -0700] conn=4 op=173 SRCH
base="dc=tf-lab,dc=test,dc=com" scope=0
filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:19
-0700] conn=4 op=173 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:19 -0700] conn=4 op=174 SRCH
base="dc=tf-lab,dc=test,dc=com" scope=1
filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:19 -0700] conn=4 op=174 RESULT err=0
tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:20 -0700] conn=4 op=175 SRCH
base="ou=People, dc=tf-lab,dc=test,dc=com" scope=0
filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:20 -0700] conn=4 op=175 RESULT err=0
tag=101 nentries=1 etime=0[14/Oct/2008:08:37:26 -0700]
conn=3 op=122 SRCH base="cn=replication,cn=config" scope=2
filter="(objectClass=*)" attrs=ALL
[14/Oct/2008:08:37:26 -0700] conn=3 op=122 RESULT err=0
tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:27 -0700] conn=3 op=124 MOD
dn="cn=Vedant, cn=replica,
cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree,
cn=config" [14/Oct/2008:08:37:27 -0700] conn=3 op=124
RESULT err=0 tag=103 nentries=0
etime=0[14/Oct/2008:08:37:27 -0700] conn=3 op=125 SRCH
base="cn=Vedant, cn=replica,
cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree,
cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry ))"
attrs="nsds5replicaLastUpdateStart
nsds5replicaLastUpdateEnd
nsds5replicaChangesSentSinceStartup
nsds5replicaLastUpdateStatus nsds5replicaUpdateInProgress
nsds5replicaLastInitStart nsds5replicaLastInitEnd
nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"
[14/Oct/2008:08:37:27 -0700] conn=3 op=125 RESULT err=0
tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:31 -0700] conn=3 op=126 SRCH
base="cn=replication,cn=config" scope=2
filter="(objectClass=*)" attrs=ALL[14/Oct/2008:08:37:31
-0700] conn=3 op=126 RESULT err=0 tag=101 nentries=1 etime=0
[14/Oct/2008:08:37:31 -0700] conn=3 op=127 MOD
dn="cn=Vedant, cn=replica,
cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"
[14/Oct/2008:08:37:31 -0700] conn=3 op=127 RESULT err=0
tag=103 nentries=0 etime=0[14/Oct/2008:08:37:31 -0700]
conn=3 op=128 MOD dn="cn=Vedant, cn=replica,
cn=22dc=tf-lab,dc=test,dc=com22, cn=mapping tree, cn=config"
[14/Oct/2008:08:37:31 -0700] conn=3 op=128 RESULT err=0
tag=103 nentries=0 etime=0
[14/Oct/2008:08:37:37 -0700] conn=4 op=176 SRCH
base="ou=People, dc=tf-lab,dc=test,dc=com" scope=1
filter="(objectClass=*)" attrs="objectClass"
[14/Oct/2008:08:37:37 -0700] conn=4 op=176 RESULT err=0
tag=101 nentries=18 etime=0
------


thanks in Adv...





--
Regards


Vipul Ramani




--
Regards


Vipul Ramani




--
Regards

Vipul Ramani

------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-15-2008, 09:15 PM
"Vipul Ramani"
 
Default SYNC without password ...

Hi* Rich ,

But i can login and changed the password of ADC users.*

is there any other way to debug in to the deep ??? Kindly suggest i am ready* ....


I'm not sure, but I think this means that there were no passwords to
sync from AD to Fedora DS. It keeps a queue of passwords to send in a
file (encrypted).





Regards
Vipul Ramani


--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-15-2008, 09:20 PM
Rich Megginson
 
Default SYNC without password ...

Vipul Ramani wrote:



Hi Rich ,

But i can login and changed the password of ADC users.

is there any other way to debug in to the deep ??? Kindly suggest i am
ready ....

I don't know.



I'm not sure, but I think this means that there were no passwords to
sync from AD to Fedora DS. It keeps a queue of passwords to send in a
file (encrypted).






Regards

Vipul Ramani
------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-16-2008, 09:44 PM
"Vipul Ramani"
 
Default SYNC without password ...

I enabled logleve 8192 in error log of FDS*

linux2.test2.com is FDS and* LABDC01 is ADC

I created sync aggrement between LDAP:636 and ADC:636 , but in logs it shows still ldap://linux2.test2.com:389 ---


---- error of FDS ----


16/Oct/2008:07:33:15 -0700] - acquire_replica, supplier RUV is newer
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Cancelling linger on the connection

[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - windows_acquire_replica returned success (101)
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): State: ready_to_acquire_replica -> sending_updates[16/Oct/2008:07:33:15 -0700] - csngen_adjust_time: gen state before 48f750ab0003:1224167595:0:0

[16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay (agmt="cn=Vedant" (LABDC01:636)): Consumer RUV:
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replicageneration} 48f373b90000014d0000[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replica 333 ldap://linux2.test2.com:389} 48f3772f0000014d0000 48f74f7b0013014d0000 48f74f7b

[16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay (agmt="cn=Vedant" (LABDC01:636)): Supplier RUV:[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replicageneration} 48f373b90000014d0000

[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replica 333 ldap://linux2.test2.com:389} 48f3772f0000014d0000 48f750ab0001014d0000 48f750ab

[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - session start: anchorcsn=48f74f7b0013014d0000
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - changelog program - agmt="cn=Vedant" (LABDC01:636): CSN 48f74f7b0013014d0000 found

, position set for replay
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - load=1 rec=1 csn=48f750ab0001014d0000[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): windows_replay_update: Looking at modify operation

*local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com" (ours,user,not group) [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): map_entry_dn_outbound: looking for AD entry for DS

*dn="uid=vramani,ou=People, dc=tf-lab,dc=test2,dc=com" guid="f96921fe188c4b47a243ab088512103d"
[16/Oct/2008:07:33:15 -0700] - Calling windows entry search request plugin[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Linger timeout has expired on the connection

[16/Oct/2008:07:33:15 -0700] - windows_search_entry: recieved 2 messages, 1 entries, 0 references
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): map_entry_dn_outbound: return code 0 from search f

or AD entry dn="<GUID=f96921fe188c4b47a243ab088512103d>" or dn="CN=vipul r,CN=Users,DC=tf-lab,DC=test2,DC=com"
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): windows_replay_update: Processing modify operation

*local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com" remote dn="<GUID=f96921fe188c4b47a243ab088512103d>"
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - clcache_load_buffer: rc=-30989



-----

i see this " Linger time out has expired the connection "

16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Beginning linger on the connection

[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): State: sending_updates -> wait_for_changes
[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Linger timeout has expired on the connection

[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Disconnected from the consumer


Any any clue


On Wed, Oct 15, 2008 at 2:15 PM, Vipul Ramani <vipulramani@gmail.com> wrote:



Hi* Rich ,

But i can login and changed the password of ADC users.*


is there any other way to debug in to the deep ??? Kindly suggest i am ready* ....


I'm not sure, but I think this means that there were no passwords to
sync from AD to Fedora DS. It keeps a queue of passwords to send in a
file (encrypted).





Regards
Vipul Ramani




--
Regards

Vipul Ramani



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-16-2008, 10:10 PM
Rich Megginson
 
Default SYNC without password ...

Vipul Ramani wrote:
I enabled logleve 8192 in error log of FDS


linux2.test2.com <http://linux2.test2.com> is FDS and LABDC01 is ADC

I created sync aggrement between LDAP:636 and ADC:636 , but in logs it
shows still *ldap://linux2.test2.com:389 <http://linux2.test2.com:389>
---

*
That's just the "name" of the agreement not the actual protocol and port
used to connect. It looks as though the code is successfully connecting
to AD.

*
---- error of FDS ----
*

16/Oct/2008:07:33:15 -0700] - acquire_replica, supplier RUV is newer
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): Cancelling linger on the connection
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
windows_acquire_replica returned success (101)
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): State: ready_to_acquire_replica ->
sending_updates[16/Oct/2008:07:33:15 -0700] - csngen_adjust_time: gen
state before 48f750ab0003:1224167595:0:0
[16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay
(agmt="cn=Vedant" (LABDC01:636)): Consumer RUV:
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): {replicageneration}
48f373b90000014d0000[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin
- agmt="cn=Vedant" (LABDC01:636): {replica 333
ldap://linux2.test2.com:389 <http://linux2.test2.com:389>}
48f3772f0000014d0000 48f74f7b0013014d0000 48f74f7b
[16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay
(agmt="cn=Vedant" *(LABDC01:636)*): Supplier RUV:[16/Oct/2008:07:33:15
-0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636):
{replicageneration} 48f373b90000014d0000
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): {replica 333 *ldap://linux2.test2.com:389
<http://linux2.test2.com:389>*} 48f3772f0000014d0000
48f750ab0001014d0000 48f750ab
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - session
start: anchorcsn=48f74f7b0013014d0000
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - changelog program
- agmt="cn=Vedant" (LABDC01:636): CSN 48f74f7b0013014d0000 found

, position set for replay
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - load=1
rec=1 csn=48f750ab0001014d0000[16/Oct/2008:07:33:15 -0700]
NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636):
windows_replay_update: Looking at modify operation
local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com"
(ours,user,not group) [16/Oct/2008:07:33:15 -0700]
NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636):
map_entry_dn_outbound: looking for AD entry for DS
dn="uid=vramani,ou=People, dc=tf-lab,dc=test2,dc=com"
guid="f96921fe188c4b47a243ab088512103d"
[16/Oct/2008:07:33:15 -0700] - Calling windows entry search request
plugin[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin -
agmt="cn=Vedant" (LABDC01:636): Linger timeout has expired on the
connection
[16/Oct/2008:07:33:15 -0700] - windows_search_entry: recieved 2
messages, 1 entries, 0 references
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): map_entry_dn_outbound: return code 0 from search f
or AD entry dn="<GUID=f96921fe188c4b47a243ab088512103d>" or
dn="CN=vipul r,CN=Users,DC=tf-lab,DC=test2,DC=com"
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): windows_replay_update: Processing modify operation
local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com" remote
dn="<GUID=f96921fe188c4b47a243ab088512103d>"
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) -
clcache_load_buffer: rc=-30989



-----

i see this *" Linger time out has expired the connection " *

16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): Beginning linger on the connection
[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): State: sending_updates -> wait_for_changes
[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): *Linger timeout has expired on the connection*
[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant"
(LABDC01:636): Disconnected from the consumer



Any any clue

That's normal. I don't see any errors here.



On Wed, Oct 15, 2008 at 2:15 PM, Vipul Ramani <vipulramani@gmail.com
<mailto:vipulramani@gmail.com>> wrote:




Hi Rich ,

But i can login and changed the password of ADC users.

is there any other way to debug in to the deep ??? Kindly suggest
i am ready ....


I'm not sure, but I think this means that there were no passwords
to sync from AD to Fedora DS. It keeps a queue of passwords to
send in a file (encrypted).








Regards
Vipul Ramani




--
Regards

Vipul Ramani

------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 10-17-2008, 12:30 AM
"Vipul Ramani"
 
Default SYNC without password ...

Hey Rich ,


Do really need Password policy @ Active directory and Password policy @ FDS needs to be same .... is that i am missing ...





On Thu, Oct 16, 2008 at 2:44 PM, Vipul Ramani <vipulramani@gmail.com> wrote:

I enabled logleve 8192 in error log of FDS*

linux2.test2.com is FDS and* LABDC01 is ADC


I created sync aggrement between LDAP:636 and ADC:636 , but in logs it shows still ldap://linux2.test2.com:389 ---


---- error of FDS ----


16/Oct/2008:07:33:15 -0700] - acquire_replica, supplier RUV is newer
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Cancelling linger on the connection


[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - windows_acquire_replica returned success (101)
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): State: ready_to_acquire_replica -> sending_updates[16/Oct/2008:07:33:15 -0700] - csngen_adjust_time: gen state before 48f750ab0003:1224167595:0:0


[16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay (agmt="cn=Vedant" (LABDC01:636)): Consumer RUV:
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replicageneration} 48f373b90000014d0000[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replica 333 ldap://linux2.test2.com:389} 48f3772f0000014d0000 48f74f7b0013014d0000 48f74f7b


[16/Oct/2008:07:33:15 -0700] - _cl5PositionCursorForReplay (agmt="cn=Vedant" (LABDC01:636)): Supplier RUV:[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replicageneration} 48f373b90000014d0000


[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): {replica 333 ldap://linux2.test2.com:389} 48f3772f0000014d0000 48f750ab0001014d0000 48f750ab


[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - session start: anchorcsn=48f74f7b0013014d0000
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - changelog program - agmt="cn=Vedant" (LABDC01:636): CSN 48f74f7b0013014d0000 found


, position set for replay
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - load=1 rec=1 csn=48f750ab0001014d0000[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): windows_replay_update: Looking at modify operation


*local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com" (ours,user,not group) [16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): map_entry_dn_outbound: looking for AD entry for DS


*dn="uid=vramani,ou=People, dc=tf-lab,dc=test2,dc=com" guid="f96921fe188c4b47a243ab088512103d"
[16/Oct/2008:07:33:15 -0700] - Calling windows entry search request plugin[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Linger timeout has expired on the connection


[16/Oct/2008:07:33:15 -0700] - windows_search_entry: recieved 2 messages, 1 entries, 0 references
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): map_entry_dn_outbound: return code 0 from search f


or AD entry dn="<GUID=f96921fe188c4b47a243ab088512103d>" or dn="CN=vipul r,CN=Users,DC=tf-lab,DC=test2,DC=com"
[16/Oct/2008:07:33:15 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): windows_replay_update: Processing modify operation


*local dn="uid=vramani,ou=people,dc=tf-lab,dc=test2,dc=com" remote dn="<GUID=f96921fe188c4b47a243ab088512103d>"
[16/Oct/2008:07:33:15 -0700] agmt="cn=Vedant" (LABDC01:636) - clcache_load_buffer: rc=-30989




-----

i see this " Linger time out has expired the connection "

16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Beginning linger on the connection


[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): State: sending_updates -> wait_for_changes
[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Linger timeout has expired on the connection


[16/Oct/2008:07:43:16 -0700] NSMMReplicationPlugin - agmt="cn=Vedant" (LABDC01:636): Disconnected from the consumer


Any any clue



On Wed, Oct 15, 2008 at 2:15 PM, Vipul Ramani <vipulramani@gmail.com> wrote:



Hi* Rich ,

But i can login and changed the password of ADC users.*



is there any other way to debug in to the deep ??? Kindly suggest i am ready* ....


I'm not sure, but I think this means that there were no passwords to
sync from AD to Fedora DS. It keeps a queue of passwords to send in a
file (encrypted).





Regards
Vipul Ramani




--
Regards

Vipul Ramani





--
Regards

Vipul Ramani



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 

Thread Tools




All times are GMT. The time now is 02:34 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org