FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 03-15-2012, 12:43 AM
Arpit Tolani
 
Default altering replication agreements

Hello

On Thu, Mar 15, 2012 at 6:55 AM, Michael R. Gettes <gettes@gmail.com> wrote:

EL 5.6 and ds-389 1.2.9.9



I have a question of curiosity…



I have a number of replication agreements. ¬*They were initially configured as TLS on port 389. I need them to be moved to SSL on 636. ¬*I could re-create the agreements and delete the old ones. ¬*OR, what about going into the cn=config, using Console and into the mapping tree and for each agreement I change nsdsReplicaPort and nsdsReplicaTransportInfo to 636 and SSL respectively. ¬*Will this work? ¬*Or will it screw replication into the floor? ¬*Would I need to restart nssldapd?




Thoughts appreciated and MANY thanks in advance.



After creating a replication agreement, the connection type (SSL or
non-SSL) cannot be change because LDAP and LDAPS connections use
different ports. To change the connection type, re-create the
replication agreement.

Refer http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Managing_Replication-Configuring_Cascading_Replication.html


Regards
Arpit Tolani
¬*

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 03-20-2012, 01:32 PM
Rich Megginson
 
Default altering replication agreements

On 03/14/2012 07:25 PM, Michael R. Gettes wrote:

EL 5.6 and ds-389 1.2.9.9

I have a question of curiosity…

I have a number of replication agreements. They were initially configured as TLS on port 389. I need them to be moved to SSL on 636. I could re-create the agreements and delete the old ones.

Not recommended.

OR, what about going into the cn=config, using Console and into the mapping tree and for each agreement I change nsdsReplicaPort and nsdsReplicaTransportInfo to 636 and SSL respectively. Will this work?

Yes, it should work.

Or will it screw replication into the floor?

No.

Would I need to restart nssldapd?

Maybe - try it without restarting first.


Thoughts appreciated and MANY thanks in advance.

/mrg
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 03-20-2012, 04:26 PM
"Michael R. Gettes"
 
Default altering replication agreements

It worked and without a restart of the server. THANKS!

/mrg

On Mar 20, 2012, at 10:32, Rich Megginson wrote:

> On 03/14/2012 07:25 PM, Michael R. Gettes wrote:
>> EL 5.6 and ds-389 1.2.9.9
>>
>> I have a question of curiosity…
>>
>> I have a number of replication agreements. They were initially configured as TLS on port 389. I need them to be moved to SSL on 636. I could re-create the agreements and delete the old ones.
> Not recommended.
>> OR, what about going into the cn=config, using Console and into the mapping tree and for each agreement I change nsdsReplicaPort and nsdsReplicaTransportInfo to 636 and SSL respectively. Will this work?
> Yes, it should work.
>> Or will it screw replication into the floor?
> No.
>> Would I need to restart nssldapd?
> Maybe - try it without restarting first.
>>
>> Thoughts appreciated and MANY thanks in advance.
>>
>> /mrg
>> --
>> 389 users mailing list
>> 389-users@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 10:20 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org