FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 05-17-2012, 09:35 PM
Patrick Morris
 
Default Sync with active directory doubts

On 5/17/2012 2:26 PM, Alberto Viana wrote:


Hello,



I have 2 389 DS servers a 6 AD servers and i read this on red
hat documetation about windows replication:



"There
can only be a single sync agreement between the Directory
Server environment and the Active Directory environment.
Multiple sync agreements to the same Active Directory domain
can create entry conflicts."



Now Im trying the
following scenario:






server2
389(consumer) <- replication -> server1 389 <-
replication -> Server1 AD
* * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * *Server2 AD
* * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * *Server3 AD



So in my master 389
server (server1) I have 3 agreements with 3 different AD
servers. Its not clear if "Active Directory environment"
means just one AD server.





No, it means the entire AD environment. As explained in your quote,
"multiple sync agreements to the same Acive Directory domain can
cause entry conflicts."* If you're looking to set up more than one
sync agreement to the same domain, you're most likely going to have
problems.



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-17-2012, 09:49 PM
Rich Megginson
 
Default Sync with active directory doubts

On 05/17/2012 03:35 PM, Patrick Morris wrote:


On 5/17/2012 2:26 PM, Alberto Viana wrote:


Hello,



I have 2 389 DS servers a 6 AD servers and i read this on
red hat documetation about windows replication:



"There

can only be a single sync agreement between the Directory
Server environment and the Active Directory environment.
Multiple sync agreements to the same Active Directory domain
can create entry conflicts."



Now Im trying the
following scenario:






server2
389(consumer) <- replication -> server1 389 <-
replication -> Server1 AD
* * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * *Server2 AD
* * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * *Server3 AD



So in my master
389 server (server1) I have 3 agreements with 3 different
AD servers. Its not clear if "Active Directory
environment" means just one AD server.





No, it means the entire AD environment. As explained in your
quote, "multiple sync agreements to the same Acive Directory
domain can cause entry conflicts."* If you're looking to set up
more than one sync agreement to the same domain, you're most
likely going to have problems.




Right.* See also https://fedorahosted.org/389/ticket/225








--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-18-2012, 05:42 AM
Juan Carlos Camargo
 
Default Sync with active directory doubts

Alberto,
I had a 389ds server with more than 70 windows sync agreements (for a first user reconciliation). Each of them to different AD domain controllers and different domains. No problems at all. But I wouldnt try it if the AD domain was the same regardless of the number of controllers that held it (your case).*
Regards!

De: "Alberto Viana" <albertocrj@gmail.com>
Para: 389-users@lists.fedoraproject.org
Enviados: Jueves, 17 de Mayo 2012 23:26:04
Asunto: [389-users] Sync with active directory doubts

Hello,
I have 2 389 DS servers a 6 AD servers and i read this on red hat documetation about windows replication:
"There can only be a single sync agreement between the Directory Server environment and the Active Directory environment. Multiple sync agreements to the same Active Directory domain can create entry conflicts."


Now Im trying the following scenario:




server2 389(consumer) <- replication -> server1 389 <- replication -> Server1 AD
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *Server2 AD
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *Server3 AD


So in my master 389 server (server1) I have 3 agreements with 3 different AD servers. Its not clear if "Active Directory environment" means just one AD server.


Just to make clear that the 6 AD servers are in the same Active Directory domain and all replicate information with each other. I have this number of AD servers because they are located in different places(physically).




Can this scenario create entry conflitc? Am I suppose to sync with just one AD server?






Thanks,


Alberto Viana






--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users


--




Juan Carlos Camargo Carrillo**

957-211157 , 650932877

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-18-2012, 11:33 AM
Alberto Viana
 
Default Sync with active directory doubts

Hello all,
I will modify my config. Thanks so much for the information.
Alberto Viana

On Fri, May 18, 2012 at 2:42 AM, Juan Carlos Camargo <juancar@eprinsa.es> wrote:

Alberto,

I had a 389ds server with more than 70 windows sync agreements (for a first user reconciliation). Each of them to different AD domain controllers and different domains. No problems at all. But I wouldnt try it if the AD domain was the same regardless of the number of controllers that held it (your case).*

Regards!



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 03:59 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org