problem with initialize-all in dsreplication

This topic has 6 replies, 4 voices, and was last updated 3 years, 1 month ago by Andy Cory.

  • Author
    Posts
  • #17962
     sixart
    Participant

    Hi,
    I have a problem when try to initialize replication in Opendj 3.

    I do this command:

    /opt/opendj/bin/dsreplication \
    enable \
    --adminUID admin \
    --adminPassword password \
    --baseDN dc=example,dc=it \
    --host1 192.168.0.148 \
    --port1 4444 \
    --bindDN1 "cn=Admin" \
    --bindPassword1 Admin \ 
    --replicationPort1 8989 \
    --host2 192.168.0.151 \
    --port2 4444 \
    --bindDN2 "cn=Admin" \
    --bindPassword2 Admin \
    --replicationPort2 8989 \
    --trustAll \
    --no-prompt

    After this I do:

    /opt/opendj/bin/dsreplication \
    initialize-all \
    --adminUID admin \
    --adminPassword password \
    --baseDN dc=example,dc=it \
    --hostname 192.168.0.148 \
    --port 4444 \
    --trustAll \
    --no-prompt

    But in shell I see error 49:

    The provided credentials are not valid in server 192.168.0.148:4444.  Details:
    [LDAP: error code 49 - Invalid Credentials]
    

    Password in command is the same, where is the problem??

    Regards,
    Dario

    #18006
     Gentjan Kocaqi
    Participant

    Could you please provide the output of the status command? It seems that your enable command didn’t went well.Could you also confirm that you are using OpenDJ 2.6? Thanks

    #18008
     sixart
    Participant

    I’m using Opendj 3.

    The output is:

    The provided credentials are not valid in server 192.168.0.148:4444.  Details:
    [LDAP: error code 49 - Invalid Credentials]
    #18015
     Andy Cory
    Participant

    As @gentjan-kocaqi suggests, the problem is probably with the first command rather than the second. Until replication is set up, the admin user specified in the adminUID field is not created. Therefore an initialise command will fail with error 49 due to the admin user not existing. If the user doesn’t exist, then getting a ‘status’ with dsreplication can’t be relied upon either. Did you get any feedback from the first command, rather than the second?

    Andy

    #18017
     sixart
    Participant

    Enable command return this outuput:

    Establishing connections ..... Done.
    Checking registration information ..... Done.
    Configuring Replication port on server 192.168.0.148:4444 ..... Done.
    Configuring Replication port on server 192.168.0.151:4444 ..... Done.
    Updating replication configuration for baseDN dc=example,dc=it
    on server 192.168.0.148:4444 .....Done.
    Updating replication configuration for baseDN dc=example,dc=it
    on server 192.168.0.151:4444 .....Done.
    Updating registration configuration on server 192.168.0.148:4444 ..... Done.
    Updating registration configuration on server 192.168.0.151:4444 ..... Done.
    Updating replication configuration for baseDN cn=schema on server
    192.168.0.148:4444 .....Done.
    Updating replication configuration for baseDN cn=schema on server
    192.168.0.151:4444 .....Done.
    Initializing registration information on server 192.168.0.151:4444 with the
    contents of server 192.168.0.148:4444 .....Done.
    
    Replication has been successfully enabled.  Note that for replication to work
    you must initialize the contents of the base DNs that are being replicated
    (use dsreplication initialize to do so).
    
    See /tmp/opendj-replication-8187234047554688344.log for a detailed log of this
    operation.

    file log there isn’t.

    After initialize-all I see:

    The provided credentials are not valid in server 192.168.0.148:4444.  Details:
    [LDAP: error code 49 - Invalid Credentials]
    
    • This reply was modified 3 years, 1 month ago by sixart.
    #18019
     Ludo
    Moderator

    OpenDJ 3.0 and higher are cleaning the log files if everything was successful.

    Now, for the issue with initialize-all, without the full commands run, it’s hard to detail what is wrong. It could be from SSL to passwords.

    #18020
     Andy Cory
    Participant

    Hi Dario

    That is odd… it does look like replication was successfully enabled with no errors reported, and I cannot see anything wrong with the contents of either command. Check out the discussion at https://forum.forgerock.com/topic/dsreplication-failure/, where the same problem is reported. As @ludo says in that thread, these commands are run 100s of times a day within ForgeRock without issue, I can only think that you have hit an edge case that isn’t easy to spot.

    Andy

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?