Thanks Rich. So to modify an existing replication agreement and add some attribute exclusions, could I do something like the following:
create the .ldif below and add it each supplier agreement using ldapmodify? dn: cn="Replication to p-ldap-isvr02.example.com",cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config changetype: modify replace: nsds5replicatedattributelist nsds5replicatedattributelist: (objectclass=*) $ EXCLUDE accountunlocktime passwordretrycount retrycountresettime memberof Would each consumer need to be re-initialized after making a change like this? Thanks, Stephen ** On Thu, Mar 10, 2011 at 8:04 AM, Rich Megginson <rmegg...@redhat.com> wrote: > On 03/09/2011 10:34 PM, Stephen Agar wrote: > > In my previous reading it seemed like fractional replication wasn't > possible in a multi-master environment. Statements like this from the > administrators guide: "Fractional replication can only be done where the > consumer is a read-only replica" are what i'm referring to. Am I > misunderstanding what fractional replication is? > > It is now supported in most cases. Please direct me to statements like the > above in our docs and I will fix them. > > > Thanks > > On Wed, Mar 9, 2011 at 11:18 AM, Rich Megginson <rmegg...@redhat.com>wrote: > >> On 03/09/2011 10:11 AM, Stephen Agar wrote: >> >> I've seen multiple different types of changes in there flagged as this >> issue. >> - Some was a custom "directory string" attribute, being change from value >> notActivated to activated >> >> I suppose this might be a problem if the schema were somehow different >> between the two servers, which could happen if you added the schema via a >> file and not via LDAP. >> >> - Some password account lockout attributes, resettime, etc. >> >> See >> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Managing_Replication-Replicating-Password-Attributes >> >> - Most are modifications to the "memberof" attribute, which is set by the >> member plugin >> >> memberof should not be replicated - see >> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#groups-cmd-memberof >> there is an Important Note on that page about replicating memberof >> >> - Some are password changes >> >> I suppose this could be possible if the password policy is different on >> the supplier and the consumer >> >> >> In all cases that i've checked, the data seems to be correct and >> consistent across all 4 nodes. >> >> Thanks for any insight. >> >> --stephen >> >> >> On Tue, Mar 8, 2011 at 3:21 PM, Rich Megginson <rmegg...@redhat.com>wrote: >> >>> On 03/08/2011 11:17 AM, Stephen Agar wrote: >>> >>> I have a 4 server multi master replication setup going on. We get a lot >>> of errors like this: >>> >>> NSMMReplicationPlugin - agmt="cn="Replication to server"" (server:636): >>> Consumer failed to replay change (uniqueid >>> 2365a885-b85511df-ad54b6ca-51ecbecb, CSN 4d6ceae5000700010000): DSA is >>> unwilling to perform. Will retry later. >>> >>> I've used cl-dump on all four nodes to dump the logs and track these >>> down. However, all of the "offending" changes that say they weren't made do >>> indeed seem to be applied on all 4 nodes. >>> >>> What are these changes? What operations, attributes, values, etc. >>> >>> Is there a command I can use to remove specific entries from the >>> changelog? In the past, i've just re-initialized nodes to get rid of these, >>> but that's certainly not the preferred way to do this. >>> >>> Thanks, >>> Stephen >>> >>> >>> -- >>> 389 users mailing >>> list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users >>> >>> >>> >> >> > >
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
