Bug 2251260
| Summary: | dsconf replication status fails with 'Invalid credentials' while trying to reuse initial credentials. [12.3.0z] | ||
|---|---|---|---|
| Product: | Red Hat Directory Server | Reporter: | thierry bordaz <tbordaz> |
| Component: | 389-ds-base | Assignee: | LDAP Maintainers <idm-ds-dev-bugs> |
| Status: | CLOSED ERRATA | QA Contact: | LDAP QA Team <idm-ds-qe-bugs> |
| Severity: | high | Docs Contact: | Evgenia Martynyuk <emartyny> |
| Priority: | high | ||
| Version: | 12.3 | CC: | emartyny, idm-ds-dev-bugs, idm-ds-qe-bugs, musoni, spichugi, tbordaz, tmihinto, vashirov |
| Target Milestone: | --- | Keywords: | Triaged, ZStream |
| Target Release: | dirsrv-12.3 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | sync-to-jira | ||
| Fixed In Version: | 389-ds-base-2.3.6-7.module+el9dsrv+20809+3c18e0b0 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 2217641 | Environment: | |
| Last Closed: | 2024-01-23 17:24:37 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2217641 | ||
| Bug Blocks: | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (redhat-ds:12 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2024:0380 |
Build tested: 389-ds-base-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64 dsconf now asks for a Bind DN and password instead of assuming the same credentials: # dsconf -D "cn=Directory Manager" ldap://localhost:1389 replication status --suffix dc=example,dc=com Enter password for cn=Directory Manager on ldap://localhost:1389: Enter bind DN for the replicated suffix (dc=example,dc=com) on localhost:2389 : cn=Directory Manager Enter password for (cn=Directory Manager) to the replicated suffix (dc=example,dc=com) on localhost:2389 : {'agmt-name': ['M1toM2'], 'replica': ['localhost:2389'], 'replica-enabled': ['on'], 'update-in-progress': ['FALSE'], 'last-update-start': ['19700101000000Z'], 'last-update-end': ['19700101000000Z'], 'number-changes-sent': ['0'], 'number-changes-skipped': ['unavailable'], 'last-update-status': ["Error (-1) Problem connecting to replica - LDAP error: Can't contact LDAP server (connection error)"], 'last-init-start': ['20240116113339Z'], 'last-init-end': ['19700101000000Z'], 'last-init-status': ["Error (-1) - LDAP error: Can't contact LDAP server - no response received"], 'reap-active': ['0'], 'replication-status': ['Not in Synchronization: supplier (Unknown) consumer (Unknown) State (red) Reason (Consumer can not be contacted)'], 'replication-lag-time': ['unavailable']} # dsconf -D "cn=Directory Manager" ldap://localhost:1389 repl-agmt status --suffix "dc=example,dc=com" M1toM2 Enter password for cn=Directory Manager on ldap://localhost:1389: Enter bind DN for the replicated suffix (dc=example,dc=com) on localhost:2389 : cn=Directory Manager Enter password for (cn=Directory Manager) to the replicated suffix (dc=example,dc=com) on localhost:2389 : Status For Agreement: "M1toM2" (localhost:2389) Replica Enabled: on Update In Progress: FALSE Last Update Start: 19700101000000Z Last Update End: 19700101000000Z Number Of Changes Sent: 0 Number Of Changes Skipped: None Last Update Status: Error (-1) Problem connecting to replica - LDAP error: Can't contact LDAP server (connection error) Last Init Start: 20240116113339Z Last Init End: 19700101000000Z Last Init Status: Error (-1) - LDAP error: Can't contact LDAP server - no response received Reap Active: 0 Replication Status: Not in Synchronization: supplier (Unknown) consumer (Unknown) State (red) Reason (Consumer can not be contacted) Replication Lag Time: unavailable Marking as VERIFIED.