Hi Herb,/
/While working on a different replication issue I accidentally
reproduced your issue. My issue was a typo in the password in the repl
agreement. I know you said you passwords were the same, but maybe there
is still a mismatch. Also, if the root dn specified in the agreement
doesn 't match what is setup in the consumer config you'll get the same
error. So it's either the password, or the bind dn.
So I would like you to try two more things:
[1] Make sure the repl bind dn's are set correctly on all the server's
agreements/config: nsDS5ReplicaBindDN
- I saw in your last email that you still had "cn=replication,
cn=config" as your bind dn. It should be "cn=replication
manager,cn=config" - assuming you did create this account.
- Please make sure the bind dn is set correctly for every
agreement/replica, and then try to reinit. Just grep for
"nsDS5ReplicaBindDN" from the dse.ldif on every server. The edits must
be done while the server is stopped or else you will lose your changes.
[2] If [1] doesn't work. Then stop all the servers, and in the
dse.ldif, set all the passwords in plain text for the replication
manager, and the agreements. This needs to be done across the board.
Start the servers, and reinit.
- If this works, you can go back in a reset the password with
ldapmodify to encrypt the passwords.
Hope this helps,
Mark
/
/
On 04/20/2012 03:24 PM, Herb Burnswell wrote:
Unable to acquire replica: permission denied. The bind dn
"cn=replication manager,cn=config" does not have permission to supply
replication updates to the replica. Will retry later.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users