directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From houmles <houm...@gmail.com>
Subject Re: replication partially working
Date Thu, 10 May 2012 10:31:19 GMT
i have only 2 test users on that ldap, i am in testing phase before
deploying to live so definitely no one changing password.
this error popups in the same time as i changed the value and slave
tried to sync.

On 05/10/2012 12:26 PM, Kiran Ayyagari wrote:
> this error is not related to replication, it is a password policy related error
> some user is trying to change the password but is giving a value that he has
> used earlier as password.
>
>
> On Thu, May 10, 2012 at 3:53 PM, houmles <houmles@gmail.com> wrote:
>> This error shows on slave server. I happens only when i tried to modify
>> any attribute. DN syncing works and don't have any errors.
>>
>> jvm 1    | [12:18:39] ERROR
>> [org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl]
>> - invalid reuse of password present in password history
>> jvm 1    |
>> org.apache.directory.shared.ldap.model.exception.LdapOperationException:
>> invalid reuse of password present in password history
>> jvm 1    |     at
>> org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:956)
>> jvm 1    |     at
>> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
>> jvm 1    |     at
>> org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:248)
>> jvm 1    |     at
>> org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:660)
>> jvm 1    |     at
>> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:590)
>> jvm 1    |     at
>> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:564)
>> jvm 1    |     at
>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.modify(ReplicationConsumerImpl.java:985)
>> jvm 1    |     at
>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.handleSearchResult(ReplicationConsumerImpl.java:361)
>> jvm 1    |     at
>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.doSyncSearch(ReplicationConsumerImpl.java:618)
>> jvm 1    |     at
>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.startSync(ReplicationConsumerImpl.java:505)
>> jvm 1    |     at
>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.start(ReplicationConsumerImpl.java:548)
>> jvm 1    |     at
>> org.apache.directory.server.ldap.LdapServer$2.run(LdapServer.java:660)
>> jvm 1    |     at java.lang.Thread.run(Thread.java:722)
>>
>> On 05/10/2012 11:23 AM, Kiran Ayyagari wrote:
>>> this looks valid, do you have any error logs?
>>>
>>> On Thu, May 10, 2012 at 2:09 PM, houmles <houmles@gmail.com> wrote:
>>>> here it is:
>>>>
>>>> dn: ads-replconsumerid=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers
>>>>  ,ads-directoryServiceId=default,ou=config
>>>> objectclass: top
>>>> objectclass: ads-base
>>>> objectclass: ads-replConsumer
>>>> ads-replaliasderefmode: never
>>>> ads-replattributes: *
>>>> ads-replconsumerid: 1
>>>> ads-replprovhostname: x.x.x.x
>>>> ads-replprovport: 10389
>>>> ads-replrefreshinterval: 60000
>>>> ads-replrefreshnpersist: true
>>>> ads-replsearchfilter: (objectClass=*)
>>>> ads-replsearchscope: sub
>>>> ads-replsearchsizelimit: 0
>>>> ads-replsearchtimeout: 0
>>>> ads-repluserdn: uid=admin,ou=system
>>>> ads-repluserpassword:: xxxxxxxxx
>>>> ads-searchbasedn: dc=xxx,dc=xx
>>>> ads-replstrictcertvalidation: false
>>>> ads-replusetls: false
>>>>
>>>> On 05/10/2012 10:29 AM, Kiran Ayyagari wrote:
>>>>> can you provide the complete entry data with DN
>>>>>
>>>>> ads-replConsumerId=<whatever-id-you-have-here>,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
>>>>>
>>>>> (remove the seerver IP and user credentials if they are sensitive)
>>>>>
>>>>> On Thu, May 10, 2012 at 1:38 PM, houmles <houmles@gmail.com> wrote:
>>>>>> ups, forgot to mention 2.0.0-M6
>>>>>>
>>>>>> On 05/10/2012 10:00 AM, Emmanuel Lécharny wrote:
>>>>>>> Le 5/10/12 9:48 AM, houmles a écrit :
>>>>>>>> Hi,
>>>>>>> Hi,
>>>>>>>> I have fully working one ADS and want to replicate it to
another. I
>>>>>>>> followed some tutorial and managed to replicate it but only
just DN's. I
>>>>>>>> can't get to sync attributes inside.
>>>>>>>>
>>>>>>>> My setting are:
>>>>>>>> ads-replsearchfilter: (objectClass=*)
>>>>>>>> ads-replsearchscope: sub
>>>>>>>>
>>>>>>>> is that ok?
>>>>>>>> I want to achieve full 1:1 replication.
>>>>>>>>
>>>>>>>> Thanks
>>>>>>> Which ADS version are you using ?
>>>>>>>
>>>>>>>
>>>
>
>

Mime
View raw message