directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: replication partially working
Date Thu, 10 May 2012 10:46:46 GMT
did you, by any chance, modify the password of the user in slave to the same
value that is being replicated later?

On Thu, May 10, 2012 at 4:01 PM, houmles <houmles@gmail.com> wrote:
> i have only 2 test users on that ldap, i am in testing phase before
> deploying to live so definitely no one changing password.
> this error popups in the same time as i changed the value and slave
> tried to sync.
>
> On 05/10/2012 12:26 PM, Kiran Ayyagari wrote:
>> this error is not related to replication, it is a password policy related error
>> some user is trying to change the password but is giving a value that he has
>> used earlier as password.
>>
>>
>> On Thu, May 10, 2012 at 3:53 PM, houmles <houmles@gmail.com> wrote:
>>> This error shows on slave server. I happens only when i tried to modify
>>> any attribute. DN syncing works and don't have any errors.
>>>
>>> jvm 1    | [12:18:39] ERROR
>>> [org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl]
>>> - invalid reuse of password present in password history
>>> jvm 1    |
>>> org.apache.directory.shared.ldap.model.exception.LdapOperationException:
>>> invalid reuse of password present in password history
>>> jvm 1    |     at
>>> org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:956)
>>> jvm 1    |     at
>>> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
>>> jvm 1    |     at
>>> org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:248)
>>> jvm 1    |     at
>>> org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:660)
>>> jvm 1    |     at
>>> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:590)
>>> jvm 1    |     at
>>> org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:564)
>>> jvm 1    |     at
>>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.modify(ReplicationConsumerImpl.java:985)
>>> jvm 1    |     at
>>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.handleSearchResult(ReplicationConsumerImpl.java:361)
>>> jvm 1    |     at
>>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.doSyncSearch(ReplicationConsumerImpl.java:618)
>>> jvm 1    |     at
>>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.startSync(ReplicationConsumerImpl.java:505)
>>> jvm 1    |     at
>>> org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.start(ReplicationConsumerImpl.java:548)
>>> jvm 1    |     at
>>> org.apache.directory.server.ldap.LdapServer$2.run(LdapServer.java:660)
>>> jvm 1    |     at java.lang.Thread.run(Thread.java:722)
>>>
>>> On 05/10/2012 11:23 AM, Kiran Ayyagari wrote:
>>>> this looks valid, do you have any error logs?
>>>>
>>>> On Thu, May 10, 2012 at 2:09 PM, houmles <houmles@gmail.com> wrote:
>>>>> here it is:
>>>>>
>>>>> dn: ads-replconsumerid=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers
>>>>>  ,ads-directoryServiceId=default,ou=config
>>>>> objectclass: top
>>>>> objectclass: ads-base
>>>>> objectclass: ads-replConsumer
>>>>> ads-replaliasderefmode: never
>>>>> ads-replattributes: *
>>>>> ads-replconsumerid: 1
>>>>> ads-replprovhostname: x.x.x.x
>>>>> ads-replprovport: 10389
>>>>> ads-replrefreshinterval: 60000
>>>>> ads-replrefreshnpersist: true
>>>>> ads-replsearchfilter: (objectClass=*)
>>>>> ads-replsearchscope: sub
>>>>> ads-replsearchsizelimit: 0
>>>>> ads-replsearchtimeout: 0
>>>>> ads-repluserdn: uid=admin,ou=system
>>>>> ads-repluserpassword:: xxxxxxxxx
>>>>> ads-searchbasedn: dc=xxx,dc=xx
>>>>> ads-replstrictcertvalidation: false
>>>>> ads-replusetls: false
>>>>>
>>>>> On 05/10/2012 10:29 AM, Kiran Ayyagari wrote:
>>>>>> can you provide the complete entry data with DN
>>>>>>
>>>>>> ads-replConsumerId=<whatever-id-you-have-here>,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
>>>>>>
>>>>>> (remove the seerver IP and user credentials if they are sensitive)
>>>>>>
>>>>>> On Thu, May 10, 2012 at 1:38 PM, houmles <houmles@gmail.com>
wrote:
>>>>>>> ups, forgot to mention 2.0.0-M6
>>>>>>>
>>>>>>> On 05/10/2012 10:00 AM, Emmanuel Lécharny wrote:
>>>>>>>> Le 5/10/12 9:48 AM, houmles a écrit :
>>>>>>>>> Hi,
>>>>>>>> Hi,
>>>>>>>>> I have fully working one ADS and want to replicate it
to another. I
>>>>>>>>> followed some tutorial and managed to replicate it but
only just DN's. I
>>>>>>>>> can't get to sync attributes inside.
>>>>>>>>>
>>>>>>>>> My setting are:
>>>>>>>>> ads-replsearchfilter: (objectClass=*)
>>>>>>>>> ads-replsearchscope: sub
>>>>>>>>>
>>>>>>>>> is that ok?
>>>>>>>>> I want to achieve full 1:1 replication.
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>> Which ADS version are you using ?
>>>>>>>>
>>>>>>>>
>>>>
>>
>>



-- 
Kiran Ayyagari

Mime
View raw message