sunone directory server to openldap

Is there anyone out there who has successfully replicated sunone directory server to openldap?

I set the agreement in SUN DS to replicate to openldap with openldap cn=manager credentials

and then in openldap added the following two lines in slapd.conf

updatedn cn=Directory Manager

updateref ldap://sunonemasterdirectory:389/

When I initialize the agreement I got the following error message.

[23/May/2007:10:53:45 -0500] - ERROR<8318> - Repl. Transport - conn=-1 op=-1 msgId=-1 - [S] Bind failed with response: Transport Fatal error (800).

[23/May/2007:10:53:45 -0500] - ERROR<8228> - Total Protocol - conn=-1 op=-1 msgId=-1 - Bind error for agreement : cn=openldap:389,cn=replica,cn=dc=domain\,dc=edu,cn=mapping tree,cn=config

[23/May/2007:10:53:45 -0500] - ERROR<8318> - Repl. Transport - conn=-1 op=-1 msgId=-1 - [S] Bind failed with response: Transport Fatal error (800).

[23/May/2007:10:53:45 -0500] - ERROR<8221> - Incremental Protocol - conn=-1 op=-1 msgId=-1 - Failed and requires administrator action [openldap:389]

[23/May/2007:10:53:45 -0500] - ERROR<8221> - Incremental Protocol - conn=-1 op=-1 msgId=-1 - Failed and requires administrator action [openldap:389]

[23/May/2007:10:56:20 -0500] - INFO: 1545 entries in the directory database.

[23/May/2007:10:56:20 -0500] - INFO: add:45, modify:322, modrdn:0, search:161765, delete:4, compare:29, bind:10595 since startup.

Could someone shed some light on this?

Thanks

[1596 byte] By [kpaxian25a] at [2007-11-27 5:16:13]
# 1

Although LDAP queries are fairly portable across different families of directory servers, Replication isn't.

I'm unaware of ANY publicly released directory servers that can replicate directly across different families. So don't expect this to work or be supportable.

With the current licensing for Sun Java DS 6.0 you may well find that you can run multiple copies without additional cost to you (as long as you don't need support).

Depending on what your needs and goals are, what you want is either: (a) two directory servers of the same kind, or (b) to use an Identity Manager (IDM) solution which can handle the more sophisticated conversions for you.

Scott.R.Corzinea at 2007-7-12 10:38:46
# 2

I found a script to do that. It is very helpful. It is not perfect because it is not real time. And I don't know how many entries you have to synchronize. I have 20000 and it takes 45 minutes.

The greatest difficulty is when you try to copy empty attributes. You will need to adapt the Perl script.

Have a look at :

http://www.maui-systems.org/opensource/ldapsync/

Regards

Merlin_Der_Koeniga at 2007-7-12 10:38:46
# 3
Thanks Merlin, I have around 100,000 entries and it keeps growing. I am not sure this will work for the long term. I wish there were a way to replicate data from sunone to openldap.
kpaxian25a at 2007-7-12 10:38:46
# 4
Thanks Scott. I wish there were a common protocol for all directories to replicate.
kpaxian25a at 2007-7-12 10:38:46
# 5
The SunOne replication uses SunOne LDAP extensions, so it will not work for replicating to an OpenLDAP server. You could look at installing slurpd on the LDAP server, and then taking the audit log, and pushing that into slurpd.
DGrayStephensa at 2007-7-12 10:38:46
# 6
Could you please expand on the last part? You mean install slurpd in openldap and then copy the audit log from the sunone directory server to openldap?
kpaxian25a at 2007-7-12 10:38:46
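
The approach suggested in reply #5, as an added example that is not part of the original thread: it reads an LDIF-change audit log, keeps only changes under the replicated suffix, drops attribute lines with empty values (the difficulty reply #2 mentions), and emits entries with the `replica:` / `time:` header of a slurpd replication log. The audit log layout, the UTC timestamp, the replog header layout and the sample entries are assumptions constructed for illustration; compare them with the files your own servers write.

```python
import calendar
import time

REPLICA = "openldap:389"     # consumer host:port, as named in the thread's error log
SUFFIX = "dc=domain,dc=edu"  # replicated suffix, from the agreement DN in that log

# Constructed sample; the record layout (time:, dn:, changetype:, ...) is assumed.
SAMPLE = """\
time: 20070523155345
dn: uid=jdoe,ou=people,dc=domain,dc=edu
changetype: add
objectClass: inetOrgPerson
cn: J Doe
sn: Doe
description:

time: 20070523155401
dn: cn=config
changetype: modify
replace: nsslapd-sizelimit
nsslapd-sizelimit: 2000
-
"""

def parse_records(text):
    """Split the log on blank lines, unfolding LDIF continuation lines."""
    records, cur = [], []
    for raw in text.splitlines():
        if raw.startswith(" ") and cur:
            cur[-1] += raw[1:]
        elif not raw.strip():
            if cur:
                records.append(cur)
            cur = []
        elif not raw.startswith("#"):
            cur.append(raw)
    return records + ([cur] if cur else [])

def to_replog(record, replica=REPLICA, suffix=SUFFIX):
    """Return one replog-style entry, or None if the DN is outside the suffix."""
    stamp, dn, body = 0, None, []
    for line in record:
        key, _, value = line.partition(":")
        if dn is None and key == "time":    # timestamp assumed to be UTC
            stamp = calendar.timegm(time.strptime(value.strip(), "%Y%m%d%H%M%S"))
        elif dn is None and key == "dn":
            dn = value.strip()
        elif line == "-" or value.strip():  # drop attribute lines with empty values
            body.append(line)
    if dn is None or not dn.lower().endswith(suffix.lower()):
        return None                         # e.g. cn=config, or a base64 "dn::"
    return "\n".join([f"replica: {replica}", f"time: {stamp}", f"dn: {dn}"] + body) + "\n"

def convert(text):
    """Convert a whole audit log; entries are separated by a blank line."""
    return "\n".join(e for e in map(to_replog, parse_records(text)) if e)
```

Changes to `cn=config` are filtered out because they describe the supplier's own configuration, not replicated data.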