HI Rich,
[root@algldap ~]# /usr/lib/mozldap/ldapsearch -x -w - -D cn="Directory
Manager" -b "ou=People,dc=algonquincollege,dc=com"
"(|(objectclass=ntuser)(objectclass=ntgroup))"
Enter bind password:
[root@algldap ~]#
No Entry found !!!.
Thanks.
Albert
On Tue, May 31, 2011 at 11:42 AM, Rich Megginson <rmegg...@redhat.com>wrote:
> On 05/30/2011 08:32 AM, Albert Teh wrote:
>
> Hi Rich,
>
> I followed the Guide and still got the same result. Checked with the AD
> administrator, the AD's user: mailadm has a full privilege.
>
> /usr/bin/ldapsearch -x -w - -D cn="Directory Manager"-b
> "ou=People,dc=algonquincollege,dc=com"
> "(|(objectclass=ntuser)(objectclass=ntgroup))"
>
> How many entries match that search?
>
>
> Thanks.
> Albert
>
> Here is the Windows Sync Agreement info:
>
> [root@algldap slapd-algldap]# /usr/lib/mozldap/ldapsearch -w - -D
> cn="Directory Manager" -b cn=config cn=ADSync
> Enter bind password:
> version: 1
> dn: cn=ADSync,cn=replica,cn=dc\3Dalgonquincollege\2Cdc\3Dcom,cn=mapping
> tree,c
> n=config
> objectClass: top
> objectClass: nsDSWindowsReplicationAgreement
> description: AD Sync Agreement
> cn: ADSync
> nsds7WindowsReplicaSubtree:
> cn=Users,dc=ottawa,dc=ad,dc=algonquincollege,dc=co
> m
> nsds7DirectoryReplicaSubtree: ou=People, dc=algonquincollege,dc=com
> nsds7NewWinUserSyncEnabled: on
> nsds7NewWinGroupSyncEnabled: on
> nsds7WindowsDomain: ottawa.ad.algonquincollege.com
> nsDS5ReplicaRoot: dc=algonquincollege,dc=com
> nsDS5ReplicaHost: wodcstage-1.ottawa.ad.algonquincollege.com
> nsDS5ReplicaPort: 389
> nsDS5ReplicaBindDN:
> cn=mailadm,cn=Users,dc=ottawa,dc=ad,dc=algonquincollege,dc
> =com
> nsDS5ReplicaBindMethod: SIMPLE
> nsDS5ReplicaCredentials: {DES}U68ooQM3C15xjJ/taDmy0A==
> nsds5replicareapactive: 0
> nsds5replicaLastUpdateStart: 20110530141648Z
> nsds5replicaLastUpdateEnd: 20110530141648Z
> nsds5replicaChangesSentSinceStartup:
> nsds5replicaLastUpdateStatus: 0 Replica acquired successfully: Incremental
> upd
> ate succeeded
> nsds5replicaUpdateInProgress: FALSE
> nsds5replicaLastInitStart: 20110530140648Z
> nsds5replicaLastInitEnd: 20110530140648Z
> nsds5replicaLastInitStatus: 0 Total update succeeded
> [root@algldap slapd-algldap]#
>
>
>
> On Fri, May 27, 2011 at 10:57 AM, Rich Megginson <rmegg...@redhat.com>wrote:
>
>> On 05/27/2011 04:22 AM, Albert Teh wrote:
>>
>> Hi Rich,
>>
>> I reinstalled 389-ds-base 1.2.8.3 from EPEL5 and added onewaysync set as
>> fromWindows in the multimaster replication plugin. I still got the same
>> result with no user created in the DS subtree.
>>
>> Have you read
>> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Windows_Sync-About_Windows_Sync
>>
>>
>> Errors log:
>>
>> [27/May/2011:06:18:26 -0400] NSMMReplicationPlugin - Beginning total
>> update of replica "agmt="cn=ADSync" (wodcstage-1:389)".
>> [27/May/2011:06:18:26 -0400] NSMMReplicationPlugin - Finished total update
>> of replica "agmt="cn=ADSync" (wodcstage-1:389)". Sent 0 entries.
>>
>>
>> Access log:
>>
>> [27/May/2011:06:18:29 -0400] conn=1 op=114 SRCH
>> base="cn=ADSync,cn=replica,cn=dc\3Dalgonquincollege\2Cdc\3Dcom,cn=mapping
>> tree,cn=config" scope=0
>> filter="(|(objectClass=*)(objectClass=ldapsubentry))"
>> attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd
>> nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus
>> nsds5replicaUpdateInProgress nsds5replicaLastInitStart
>> nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"
>> [27/May/2011:06:18:29 -0400] conn=1 op=114 RESULT err=0 tag=101 nentries=1
>> etime=
>>
>> Thanks for your help.
>>
>> Albert
>>
>>
>>
>> On Thu, May 26, 2011 at 11:13 AM, Rich Megginson <rmegg...@redhat.com>wrote:
>>
>>> On 05/26/2011 08:58 AM, Albert Teh wrote:
>>>
>>> Hi,
>>>
>>> We are setting up a new CENTOS-DS version 8.1.0. and CENTOS 5.5 and
>>> attempt to synchronize with the existing 2003 Windows AD server.
>>> Performing the full sync completed. There is no user created in the DS
>>> subtree.
>>>
>>> We would like to perform one way Sync: AD ----> DS. Once it works, we
>>> will set up the password Sync from the AD to DS.
>>>
>>> One way sync isn't supported with 8.1.0. I suggest using 389-ds-base
>>> 1.2.8.3 from EPEL5 which does support one way sync.
>>> http://directory.fedoraproject.org/wiki/One_Way_Active_Directory_Sync
>>>
>>>
>>> AD: cn=Users,cn=location,dc=ad,dc=domain,dc=com
>>> DS: ou=Peoples,dc=domain,dc=com
>>>
>>> errors log:
>>>
>>>
>>> [26/May/2011:10:20:34 -0400] NSMMReplicationPlugin - Beginning total
>>> update of replica "agmt="cn=ADsync" (wodcstage-1:389)".
>>> [26/May/2011:10:20:34 -0400] NSMMReplicationPlugin - Finished total
>>> update of replica "agmt="cn=ADsync" (wodcstage-1:389)". Sent 0 entries.
>>>
>>> access log:
>>>
>>> 26/May/2011:10:20:37 -0400] conn=11 op=819 SRCH base="cn=ADsync,
>>> cn=replica, cn=\22dc=algonquincollege, dc=com\22, cn=mapping tree,
>>> cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))"
>>> attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd
>>> nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus
>>> nsds5replicaUpdateInProgress nsds5replicaLastInitStart
>>> nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"
>>> [26/May/2011:10:20:37 -0400] conn=11 op=819 RESULT err=0 tag=101
>>> nentries=1 etime=0
>>>
>>>
>>> Thanks.
>>> Albert
>>>
>>>
>>>
>>> --
>>> 389 users mailing
>>> list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>>>
>>>
>>>
>>
>>
>> --
>> Albert Teh
>> Email: teh.alb...@gmail.com
>>
>>
>>
>
>
> --
> Albert Teh
> Email: teh.alb...@gmail.com
>
>
>
--
Albert Teh
Email: teh.alb...@gmail.com
--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
