Binding to directory server vs. OD replica

Can someone explain the practical differences between binding a server to an OD master vs. being a replica of that OD master?
Why would I bind a server instead of making a replica? Seems like the replica would always be easier to admin and would provide the same function...?

I'm wondering why someone would do this. Why bind one server to another vs. making that second server a replica?
The real issue is whether this server is going to provide authentication services to other clients.
In addition to not wanting all your data on a single machine, if you have many client systems it may overwhelm a single directory server. For these reasons you may create a replica (or number of replicas) that keep in sync with the master server and have a complete copy of the entire Open Directory database (all users, machines, groups, etc.)
These replicas can then be used to provide authentication services to client systems, as well as provide failover for the client in case this machine goes away for any reason.
In contrast there's no need for every client system to have the entire directory. If you have many machines, the number of update messages that get passed around and need to be replicated to every machine on the network would be cumbersome, at best.
Then there's also an element of security - the directory should have some level of protection since it includes data about every user, including their password and other personal details. If you replicate this to every machine then any user on your network could poke around the data at their leisure. Contrast that with a typical client machine that only has the account credentials for the current user.
So for any network you should create one master and at least one replica. Client systems should point to a replica and should not be Open Directory replicas themselves.

Similar Messages

How do I bind to directory server with SSL and authentication?

I'm running Lion Server 10.7.3, Open Directory master. In Open Directory/Settings/LDAP, I've checked the box to Enable SSL and selected a (self-signed) certificate. In Policies/Binding, I've checked the box to Enable Authenticated Directory Binding.
Testing with a client computer on which Snow Leopard has been freshly installed and fully updated, I went to System Prefs/Accounts to bind to the new directory server. The good news is, the binding was successful, and when the client initiates an AFP connection with the server, it uses Kerberos, creating a ticket as expected. (Which doesn't work with Lion clients, alas, but that's a seperate matter.)
Here are the problems:
1) It looks like the binding did not use SSL. By which I mean that when I opened Directory Utility and examined the LDAPv3 entry, the SSL checkbox was not checked. (If I then check the box, everything looks fine until I restart the client, after which I have a red dot. So I'm guessing that checking the box does nothing until after restart, and that it breaks the binding.)
2) I was never prompted to authenticate for the directory binding.
So I get that literally I'm *enabling* SSL and Authenticated Directory Binding, but it seems like the defaults are to bind without SSL or authentication, and there's no obvious-to-me way to force the binding to use those things. How do I do that?
What I'd really like to do is *require* SSL and Authenticated Directory Binding. I want this because my belief (correct me if I'm wrong) is that if authentication is required to bind to the server, no one will be able to bind to my server without my permission, and that SSL offers a more secure connection to my server than not-SSL. How do I require these things, or do I not really want to?
Thank you.

You cannot connect to databases via Muse at the moment. Please refer: http://forums.adobe.com/message/5090145#5090145
Cheers,
Vikas

Directory Server Replica and Messaging Server 6

I install Directory Server 5.2 as Master Replica in one machine (V120) and on the other machine (V240) I install the following:
1. SunONE Directory Server 5.2 (Consumer
Replica) or slave replica.
2. SunONE Identity Server
3. SunONE Messaging Server 6
I have successfully install and configured the 3 Servers, when they are running on just one machine (one box). But when I try to run them in two separate machines as described above, the messaging server acts strangely and it's configuration fails, when i try to configure it on the directory server replica.
In simpler words, I want to know if someone has installed Messaging Server in a Directory Server Replication scenario, where there are two machines involve. Because all works well when we install everything on one machine (one box) but I am having hard time configuring the messaging server in this split setup scenario.
So, if someone has idea about how to run the Messaging Server 6 ( ./configure ) file successfully on a Directory Server 5.2 Replica, please suggest me in detail.
Thanking you,
Farhan Ahmed.
Vision Valley, Dubai.

Messaging Server uses LDAP in two ways. The obvious one is that user/group/domain information is stored there.
The non-obvious way is that some configuration information is stored in LDAP, in the "o=NetscapeRoot" tree. This tree is NOT ususally replicated, so if you perform the installation against one LDAP server, and then attempt to move the configuration to point to another one, and don't make a separate replication agreement for the configuration, your server won't work correctly.
To configure Messaging against a replica, you also need to understand how the replication and "referral" works. Without studying your scenario, I cannot tell what has failed, but indeed, there are users that have configured Messaging 6.0 against a replica LDAP system.
You may want to open a tech support ticket, and get personal help for your issue.

Retrieving user data from Directory Server using java code

Can anyone send java code to bind to directory server and retrieve the user information from server instance.

To CRabel,
My company have restriction on using the open sources product/code, but i will take a look on netscape ldap sdk as a reference~
To raghu1978 ,
i find a product call Directory Editor 1 2005Q1, I hope it is useful.
thz all~

How to promote my OSX10.6.8 replica server to Open Directory server

My Open Directory Server crash and i would like to promote my replica Server to Open Directory. can you tell me how to do this.

Hello Dave,
Check out the steps quoted below to promote your replica to the Open Directory master.
Provide Open Directory service
https://help.apple.com/advancedserveradmin/mac/3.1/#apdD1F7D8CA-CF07-40CE-B2D4-8 E3ACF4BCA40
Promote a replica to Open Directory master
If an Open Directory master fails and you can’t recover it from a backup, you can promote a replica to be a master. The new master (promoted replica) uses the directory and authentication databases of the replica.
Select Open Directory in the sidebar.
Click Servers.
Select a replica to promote, then choose Promote Replica to Master from the Action pop-up menu (looks like a gear).
Enter the directory administrator name and password.
If you archived Open Directory data with certificate authority keys, you can restore them by entering the Open Directory archive location or clicking choose to locate the archive.
Click Next.
Enter the user name and password for the replica that’s being promoted, then click Connect.
Regards,
-Norm G.

Replica Active Directory server in windows server 2008 R2

I installed and configured a secondary active directory server in 2008 R2 for fault tolerance as well as backup active directory server
what i wanted to know is if my primary AD goes down??? what changes i need to do my users pc since they are using primary DNS of of primary AD IP.. i am confused i want to know what need to be done if AD goes Down

> shall i update my DHCP configuration to assign primary DNS as
> 192.168.1.225 and secondary DNS as 192.168.3.245 and other DNS as
> 8.8.8.8 etc.
Yes. and you shall NOT deploy 8.8.8.8 as a DNS server to your clients,
but you shall configure this as a forwarder on your DNS servers.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :))

Any idea on binding the iplanet directory server to portal server profile server.

i need to know the functionality of profile server and LDAP server with respect to SUN one portal server

Directory Server allows you to store, manage, and search for entries and their associated attributes in a number of different languages. An internationalized directory can be an invaluable corporate resource, providing employees and business partners with immediate access to the information they need in the languages they can understand.
The directory supports all international characters set by default because directory data is stored in UTF-8.Further, Directory Server allows you to specify matching rules and collation orders based on language preferences in search operations.
Note :
You must use ASCII characters for attribute and object class names.
visit this
http://docs.iplanet.com/docs/manuals/directory/50/html/ag/i18n.htm#2835992

Ubuntu Karmic authentication against Snow leopard open directory server

Hi,
I'm looking for help. I've tried to configure an installation of Karmic to authenticate against our office's open directory server running on an osx snow leopard server. Currently `getent password` show all users including those from the open directory server when running the command as both root and normal users. However authentication against the open directry users fails with the following messages in the /var/log/auth.log:-
Dec 7 22:42:05 [hostname] getent: nss_ldap: failed to bind to LDAP server ldap://server.domain.com: Invalid credentials
Dec 7 22:42:05 [hostname] getent: nss_ldap: could not search LDAP server - Server is unavailable
(I've changed the hostname and ldap url)
/etc/ldap.conf has:-
base dc=server,dc=domain,dc=com
ldap_version 3
rootbinddn cn=diradmin,dc=server,dc=domain,dc=com
bind_policy soft
pam_password md5
/etc/ldap.secret is set to the password of the diradmin user and has a permission mask of 600
/etc/pam.d/common-passwd :-
password sufficient pam_ldap.so md5
password required pam_unix.so nullok obscure md5
password optional pam_smbpass.so nullok use_authtok tryfirstpass missingok
/etc/pam.d/common-auth:-
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_ldap.so usefirstpass
auth requisite pam_deny.so
auth required pam_permit.so
/etc/pam.d/common-account:-
account [success=2 newauthtokreqd=done default=ignore] pam_unix.so
account [success=1 default=ignore] pam_ldap.so
account requisite pam_deny.so
account required pam_permit.so
/etc/pam.d/common-session
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session required pam_unix.so
session optional pam_ldap.so
session optional pamckconnector.so nox11
Does anyone have any ideas where to go from here?
Message was edited by: zebardy

Hi
It's easy enough to 'connect' any version of OS X Server to any other version of OS X Server. Use the Join button in the Users & Groups Preferences Pane. Alternatively use the Directory Utility itself.
You seem to be misunderstanding what an Open Directory Master and Replica are? They are not what I think you think they are. They are not a 'back-up' of each other if you're providing more than the shared Directory Service.
An OD Replica maintains a read-only copy of the LDAP Database (Usernames, Passwords and Policies etc) that's stored on the OD Master and nothing more. If the Master was to go offline for any reason the Replica can be quickly promoted to a Master Role and continue to provide information for the shared directory. This assumes it has easy and quick access to the Volume storing networked home folders? The LDAP Database in that case would then become writable. Later on and whenever you've fixed the problem with the old Master it can quickly be demoted and made a Replica of the now new Master.
Although this is for 10.6 Server (it is nevertheless still applicable) everything you need to know about Master and Replica relationships is here:
http://manuals.info.apple.com/en_US/OpenDirAdmin_v10.6.pdf
Page 55 onwards.
From Page 64:
"The Open Directory master and its replicas must use the same version of Mac OS X Server. . ."
If your OD Master is also providing Mail, Calendar and Contact Services then none of these will be replicated. You will have to maintain a backup of these databases yourself using whatever method you deem fit for your needs.
HTH?
Tony

Authentication failed binding to mac server 2.2.1

I have setup a new Mac Mini Server running Mountain Lion 10.8.2 and OS X Server 2.2.1. I am trying to join my Macbook Pro to Open Directory however it continues to fail. It does prompt with the SSL warning which I select continue on, however when I enter the diradmin username and password I get an Authentication Failed message when binding. I can access the directory via workgroup manager ok and I have also been able to join my Synology NAS to the Directory Service first time.
Baffled and scratching my head. Any ideas?

Server Version is 2.2.1 and it's installed on a Mac Mini Server running 10.8.2. Just a single OD server at present.
Future project: Can we make a Synology NAS which can also a be a Open Directory Server act as a Domain Replica?

Iplanet Directory server 5.0 replication issue

Hi,
I'm currently running some test for replication with the OLD version of DS 5.0 on Windows XP
Running 2 Servers Master A and Consumer B, where A is the original who initialise B with Data then from there on Master A replicates changes to Consumer B.
My problem is here, I can initialise the the Data ( copying it from A to B ) no problem.
But when I make changes in A and wait for it to replication from A --> B.
it does nothing.
I followed MOST of the steps in the replication guide for Administrator, but have hit a wall.
Only part i did no understand is below:
//=============================================
Create the entry corresponding to the supplier bind DN, if it does not exist. This is the special entry that the supplier will use to bind.
In the Directory Server Console, click the Directory tab, and create an entry. For example you could use cn=Replication Manager,cn=config.
Specify a userPassword attribute-value pair.
If you have enabled password expiration, or intend to do so in future, disable the password expiration policy on this attribute, by adding the passwordExpirationTime attribute with a value of 20380119031407Z.
//=============================================
Therefore I used cn=Replication Manager,cn=config wheen it asked during the replication config setup.
I also used this when creating the Directory server instance for Master A and Consumer B.
Logs are below:
ConsumerB Error Log
[31/Oct/2008:11:29:44 +1300] - slapd started. Listening on all interfaces port 10264 for LDAP requests
[31/Oct/2008:11:29:44 +1300] - cos_cache_getref: no cos cache created
[31/Oct/2008:11:34:34 +1300] NSMMReplicationPlugin - multimaster_be_state_change: replica o=psbconexa.co.nz is going offline; disabling replication
[31/Oct/2008:11:34:34 +1300] - import userRoot: Index buffering enabled with bucket size 10
[31/Oct/2008:11:34:34 +1300] - import userRoot: Beginning import job...
[31/Oct/2008:11:34:35 +1300] - import userRoot: Workers finished; cleaning up...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Workers cleaned up.
[31/Oct/2008:11:34:37 +1300] - import userRoot: Indexing complete. Post-processing...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Flushing caches...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Closing files...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Import complete. Processed 3 entries in 3 seconds. (1.00 entries/sec)
[31/Oct/2008:11:34:37 +1300] NSMMReplicationPlugin - multimaster_be_state_change: replica o=psbconexa.co.nz is coming online; enabling replication
[31/Oct/2008:11:34:38 +1300] NSMMReplicationPlugin - repl_set_mtn_referrals: could not set referrals for replica o=psbconexa.co.nz: 53
ConsumerB Access Log:
[31/Oct/2008:11:36:32 +1300] conn=6 op=6 UNBIND
[31/Oct/2008:11:36:32 +1300] conn=6 op=6 fd=1320 closed - U1
[31/Oct/2008:11:36:38 +1300] conn=2 op=135 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:38 +1300] conn=2 op=135 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=136 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:38 +1300] conn=2 op=136 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=137 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="namingContexts"
[31/Oct/2008:11:36:38 +1300] conn=2 op=137 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=138 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=138 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=139 SRCH base="o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=139 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=140 SRCH base="o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=140 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=141 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-privatenamespaces"
[31/Oct/2008:11:36:38 +1300] conn=2 op=141 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=142 SRCH base="cn=schema" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=142 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=143 SRCH base="cn=monitor" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=143 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=144 SRCH base="cn=monitor" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=144 RESULT err=0 tag=101 nentries=0 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=145 SRCH base="cn=monitor" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=145 RESULT err=0 tag=101 nentries=0 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=146 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=146 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=147 SRCH base="cn=config" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=147 RESULT err=0 tag=101 nentries=4 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=148 ABANDON msgid=628
[31/Oct/2008:11:36:38 +1300] conn=2 op=149 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="subschemaSubentry"
[31/Oct/2008:11:36:38 +1300] conn=2 op=149 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=150 SRCH base="cn=schema" scope=0 filter="(objectClass=subschema)" attrs="* ldapSyntaxes"
[31/Oct/2008:11:36:38 +1300] conn=2 op=150 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=151 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nscpEntryDN ldapSyntaxes nsUniqueId ldapSchemas passwordExpirationTime passwordRetryCount nsTimeLimit hasSubordinates modifiersName passwordAllowChangeTime numSubordinates copyingFrom nsRoleDN entryid passwordExpWarned nsIdleTimeout entrydn modifyTimestamp accountUnlockTime nsRole nsds5ReplConflict nsAccountLock passwordHistory retryCountResetTime parentid copiedFrom createTimestamp nsBackendSuffix nsSchemaCSN subschemaSubentry creatorsName aci nsSizeLimit dncomp nsLookThroughLimit *"
[31/Oct/2008:11:36:39 +1300] conn=2 op=151 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=152 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:39 +1300] conn=2 op=152 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=153 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:39 +1300] conn=2 op=153 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=154 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:39 +1300] conn=2 op=154 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=155 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[31/Oct/2008:11:36:39 +1300] conn=2 op=155 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=156 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:39 +1300] conn=2 op=156 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=157 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:39 +1300] conn=2 op=157 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=158 SRCH base="ou=Ray001,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:41 +1300] conn=2 op=158 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=159 SRCH base="ou=Ray001,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:41 +1300] conn=2 op=159 VLV 50:50:49:0 0:0 (0)
[31/Oct/2008:11:36:41 +1300] conn=2 op=159 RESULT err=0 tag=101 nentries=0 etime=0 notes=U
[31/Oct/2008:11:36:41 +1300] conn=2 op=160 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:41 +1300] conn=2 op=160 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=161 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsBackendSuffix"
[31/Oct/2008:11:36:41 +1300] conn=2 op=161 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=162 SRCH base="cn=MCC ou=Ray001 o=psbconexa.co.nz, cn=userRoot, cn=ldbm database, cn=plugins, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[31/Oct/2008:11:36:41 +1300] conn=2 op=162 RESULT err=32 tag=101 nentries=0 etime=0
[31/Oct/2008:11:36:48 +1300] conn=2 op=163 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-accesslog nsslapd-accesslog-list"
[31/Oct/2008:11:36:48 +1300] conn=2 op=163 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:50 +1300] conn=2 op=164 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-errorlog nsslapd-errorlog-list"
[31/Oct/2008:11:36:50 +1300] conn=2 op=164 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:52 +1300] conn=2 op=165 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-auditlog nsslapd-auditlog-list"
[31/Oct/2008:11:36:52 +1300] conn=2 op=165 RESULT err=0 tag=101 nentries=1 etime=0
//=====================
MasterA Error Log:
There seem to have no update during the time i started teh replication? replication updated started at about 31/Oct/2008:11:36:XX but in the logs in is 1 min behind with nothing i believe is important.
but let me know if needed.

And here is the backward replication from consumer to master WHICH SHOULDN"T happen.......
Created a new entry organization called, TEST002 on consumer side, which did not appear of course, but appeared on the Master side????...........................................................................
Master log:
[05/Nov/2008:10:58:21 +1300] conn=13617 fd=2292 slot=2292 connection from 10.1.1.79 to 10.30.1.200
[05/Nov/2008:10:58:21 +1300] conn=13617 op=0 BIND dn="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" method=128 version=3
[05/Nov/2008:10:58:21 +1300] conn=13617 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot"
[05/Nov/2008:10:58:21 +1300] conn=13617 op=1 ADD dn="ou=TEST002,o=marketsite,o=psbconexa.co.nz"
[05/Nov/2008:10:58:21 +1300] conn=13617 op=1 RESULT err=0 tag=105 nentries=0 etime=0 csn=4910c57d000000050000
[05/Nov/2008:10:58:21 +1300] conn=13617 op=2 UNBIND
[05/Nov/2008:10:58:21 +1300] conn=13617 op=2 fd=2292 closed - U1
[05/Nov/2008:10:58:28 +1300] conn=13614 op=236 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:28 +1300] conn=13614 op=236 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:28 +1300] conn=13614 op=237 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:28 +1300] conn=13614 op=237 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:28 +1300] conn=13614 op=238 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:28 +1300] conn=13614 op=238 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:28 +1300] conn=13614 op=239 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[05/Nov/2008:10:58:28 +1300] conn=13614 op=239 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=240 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=240 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=241 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=241 RESULT err=0 tag=101 nentries=12 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=242 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=242 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=243 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=243 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=244 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=244 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=245 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=245 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=246 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=246 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=247 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=247 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=248 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=248 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=249 ABANDON msgid=322
[05/Nov/2008:10:58:32 +1300] conn=13614 op=250 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=250 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=251 ABANDON msgid=324
[05/Nov/2008:10:58:32 +1300] conn=13614 op=252 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=252 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=253 ABANDON msgid=326
[05/Nov/2008:10:58:32 +1300] conn=13614 op=254 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=254 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=255 ABANDON msgid=328
[05/Nov/2008:10:58:33 +1300] conn=13614 op=256 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=256 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=257 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=257 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 SORT cn givenName o ou sn (12)
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 VLV 50:50:49:0 12:12 (0)
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 RESULT err=0 tag=101 nentries=12 etime=0 notes=U
[05/Nov/2008:10:58:33 +1300] conn=13614 op=259 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=259 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=260 ABANDON msgid=333
[05/Nov/2008:10:58:33 +1300] conn=13614 op=261 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=261 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=262 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=262 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=263 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=263 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=264 ABANDON msgid=337
[05/Nov/2008:10:58:33 +1300] conn=13614 op=265 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=265 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=266 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=266 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=267 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=267 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=268 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=268 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=269 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=269 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=270 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=270 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=271 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=271 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=272 ABANDON msgid=345
[05/Nov/2008:10:58:33 +1300] conn=13614 op=273 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=273 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=274 ABANDON msgid=347
[05/Nov/2008:10:58:33 +1300] conn=13614 op=275 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nscpEntryDN ldapSyntaxes nsUniqueId ldapSchemas passwordExpirationTime passwordRetryCount nsTimeLimit hasSubordinates modifiersName passwordAllowChangeTime numSubordinates copyingFrom nsRoleDN entryid passwordExpWarned nsIdleTimeout entrydn modifyTimestamp accountUnlockTime nsRole nsds5ReplConflict nsAccountLock passwordHistory retryCountResetTime parentid copiedFrom createTimestamp nsBackendSuffix nsSchemaCSN subschemaSubentry creatorsName aci nsSizeLimit dncomp nsLookThroughLimit *"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=275 RESULT err=0 tag=101 nentries=1 etime=0
///===========
Consumer log:
[05/Nov/2008:10:58:20 +1300] conn=1 op=449 ADD dn="ou=TEST002,o=marketsite,o=psbconexa.co.nz"
[05/Nov/2008:10:58:20 +1300] conn=1 op=449 RESULT err=10 tag=105 nentries=0 etime=0
[05/Nov/2008:10:58:20 +1300] conn=13 fd=1088 slot=1088 connection from 10.30.1.200 to 10.1.1.79
[05/Nov/2008:10:58:20 +1300] conn=13 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[05/Nov/2008:10:58:20 +1300] conn=13 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[05/Nov/2008:10:58:20 +1300] conn=13 op=1 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[05/Nov/2008:10:58:20 +1300] conn=13 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:20 +1300] conn=13 op=2 EXT oid="2.16.840.1.113730.3.5.3"
[05/Nov/2008:10:58:20 +1300] conn=13 op=2 RESULT err=0 tag=120 nentries=0 etime=0
[05/Nov/2008:10:58:20 +1300] conn=13 op=3 SRCH base="cn=schema" scope=0 filter="(objectClass=*)" attrs="nsSchemaCSN"
[05/Nov/2008:10:58:20 +1300] conn=13 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=450 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=450 RESULT err=0 tag=101 nentries=10 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=451 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=451 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=452 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=452 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=453 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=453 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=454 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=454 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=455 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=455 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=456 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=456 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=457 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=457 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=458 ABANDON msgid=542
[05/Nov/2008:10:58:21 +1300] conn=1 op=459 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=459 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=460 ABANDON msgid=544
[05/Nov/2008:10:58:21 +1300] conn=1 op=461 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=461 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=462 ABANDON msgid=546
[05/Nov/2008:10:58:21 +1300] conn=1 op=463 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=463 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=464 ABANDON msgid=548
[05/Nov/2008:10:58:21 +1300] conn=1 op=465 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=465 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=466 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=466 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 SORT cn givenName o ou sn (10)
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 VLV 50:50:49:0 10:10 (0)
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 RESULT err=0 tag=101 nentries=10 etime=0 notes=U
[05/Nov/2008:10:58:21 +1300] conn=1 op=468 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=468 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=469 ABANDON msgid=553
[05/Nov/2008:10:58:21 +1300] conn=1 op=470 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=470 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=471 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=471 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=472 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=472 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=473 ABANDON msgid=557
[05/Nov/2008:10:58:21 +1300] conn=1 op=474 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=474 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=475 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=475 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=476 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=476 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=477 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=477 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=478 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=478 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=479 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=479 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=480 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=480 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=481 ABANDON msgid=565
[05/Nov/2008:10:58:21 +1300] conn=1 op=482 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=482 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=483 ABANDON msgid=567
[05/Nov/2008:10:58:21 +1300] conn=1 op=484 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=484 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 SRCH base="o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 SORT cn givenName o ou sn (2)
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 VLV 50:50:49:0 2:2 (0)
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 RESULT err=0 tag=101 nentries=2 etime=0 notes=U
[05/Nov/2008:10:58:21 +1300] conn=1 op=486 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=486 RESULT err=0 tag=101 nentries=10 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=487 ABANDON msgid=571
[05/Nov/2008:10:58:21 +1300] conn=1 op=488 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:21 +1300] conn=1 op=488 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=489 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsBackendSuffix"
[05/Nov/2008:10:58:21 +1300] conn=1 op=489 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=490 SRCH base="cn=MCC o=psbconexa.co.nz, cn=userRoot, cn=ldbm database, cn=plugins, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[05/Nov/2008:10:58:21 +1300] conn=1 op=490 RESULT err=32 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=491 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=491 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 SORT cn givenName o ou sn (10)
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 VLV 50:50:49:0 10:10 (0)
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 RESULT err=0 tag=101 nentries=10 etime=0 notes=U
[05/Nov/2008:10:58:21 +1300] conn=1 op=493 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=493 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=494 ABANDON msgid=578
[05/Nov/2008:10:58:21 +1300] conn=1 op=495 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource

Binding Snow Leopard server OD to Mavericks server OD

Does anyone know if it's possible to setup a Snow Leopard server to bind Open Directory to a new server running Macvericks server?
I have 2 new mac minis running 10.9.4 with server 3.1.2 on them, one as an OD master and the other as a replica. We have a couple of older Xserves still running Snow Leopard server and must keep them that way because of some other software that can't be upgraded.
What we need is those 2 servers to be able to bind (not as a replica as it's not possible) to the master OD mac mini for authentication? I've been able to get the OD process on them to be set to "connect to another directory" then use Directory Utility to try and bind LDAPv3 to the master mini but it says invalid credentials supplied when I type in the proper OD username and password.
Any thoughts?

To work as Master and Replicas, all must be the same version of Server.
You cannot bind as Open Directory Servers (as in combining Open Directories), but you can run Mac OS X 10.6.8 workstations [running 10.6.8 or 10.6.8 Server] off a Mavericks plus Server 3 Open Directory Server. You can have Home Directories on an older Server. You may be able to provide some services off the older Servers. But you cannot keep them as Open Directory Servers on the same Network.
I think you just shut off Open Directory on the 10.6.8 Servers, then use Directory Utility to Bind to the Mac Mini or Replica Server as if they were Workstations.

Directory server 4.12 and 4.15 problem with Solaris 8

Hi there,
I have been having an ongoing problem with my read/write master
directory server. It
occasionally stops responding to bind attempts and queries. The current
setup as is running
on a Sunfire 280R with Solaris 8. Up until a few days ago I was running
4.12, I upgraded this
to 4.15 to see of the problem would go away. I am running several 4.13
replicas on other
Solaris 8 machines with no problems.
The biggest problem is that this master directory server is needed for
our Iplanet messaging
server 5.1 implementation. Every time the directory fails you cannot log
in to the messaging
server. (there doesn't appear to be anyway of sending authentication to
a read only server).
Anyway I was just wanting to see if anyone else had the same problem or
had fixed it and could
provide some insight into how to fix it. Also any pointers on what to
look for in the directory
server error logs would be useful.
I had an idea that it might have been running out of available
connections so I set it to close idle
connections after 300 seconds. Is there any docs on tuning the resources
for the server or for
identifying if you have a resource problem?
Any help or ideas would be appreciated. Please contact me directly as
well as to the newsgroup
if possible.
Thanks,
Scott.
Scott Lawson
Systems Manager
Department Of Information Services
St. George's Hospital Medical School
Tooting
London SW17 0RE
UK
P: 44 (0)208 725 2896
F: 44 (0)208 725 3583
mailto:[email protected]
http://www.sghms.ac.uk
Your mouse has moved.
Windows must be restarted for the change to take effect.
Reboot now? [OK]
__________________________________________________________________

Scott Lawson <[email protected]> wrote in news:3BCAA419.E322F958
@sghms.ac.uk:
>
I had an idea that it might have been running out of available
connections so I set it to close idle
connections after 300 seconds. Is there any docs on tuning the resources
for the server or for
identifying if you have a resource problem?4.15 hotfix solves a problem with FDs running out (apparently .... we are
still testing0.
/* Christopher Burke - Spam Mail to [email protected]
|*
\* Real mail to cburke(at)craznar(dot)com

Lion Server problem - Computer is already a network directory server

So I purchased Lion Server to trial it at home and it is not going well. Initially I was having issues connecting to the web interfaces for profile manager, etc. The server was not responding and so I uninstalled server and reinstalled it from the Mac Store (FYI: Apple has charged me for the OS and the server app as a result of this for some reason!!!)
With Server reinstalled I went to set up the server as a network directory and am shown this message every time I try to set up the directory admin account: "Computer is already a network directory server - This computer is already configured to manage network accounts. It cannot be configured again."
This leaves me unable to set up any profile or device management, I have tried the following solutions:
Uninstall and reinstall server
Deleted ServerVersion plist
Reinstalled Lion
Reinstalled Lion with format of HDD (although I did recover from a Time Machine Backup which included settings)
Any help would be appreciated.

Sorry I copied the wrong log.
What is happening is the Open Directory Assistant attempts to create and Open Directory Master but fails claiming there was a configuration error and to view the configuration log which I have copied below.
2011-07-28 19:57:45 +0000 command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2011-07-28 19:57:45 +0000 command: /usr/bin/ldapsearch -x -LLL -H ldapi://%2Fvar%2Frun%2Fldapi -b cn=config -s base olcServerID
2011-07-28 19:57:45 +0000 command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2011-07-28 19:57:45 +0000 command: /usr/sbin/mkpassdb -o -u diradmin -p -q
2011-07-28 19:57:46 +0000
2011-07-28 19:57:48 +0000 command: /usr/sbin/mkpassdb -setadmin 0xdc9dacf8b95311e0b494d49a20d93acc 0
2011-07-28 19:57:48 +0000 Admin's entry UUID is: 9134bc0a-a748-4161-b6b2-53c136b933b9
2011-07-28 19:57:48 +0000 Setting SASL realm to <SERVER.FREEMAN.PRIVATE>
2011-07-28 19:57:48 +0000 command: /usr/sbin/mkpassdb -setrealm SERVER.FREEMAN.PRIVATE
2011-07-28 19:57:48 +0000 command: /bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.PasswordService.plist
2011-07-28 19:57:49 +0000 Stopping LDAP server (slapd)
2011-07-28 19:57:52 +0000 Starting LDAP server (slapd)
2011-07-28 19:57:52 +0000 Waiting for slapd to start
2011-07-28 19:57:52 +0000 ...
2011-07-28 19:57:54 +0000 Configuring Kerberos server, realm is SERVER.FREEMAN.PRIVATE
2011-07-28 19:57:54 +0000 command: /usr/sbin/kdcsetup -f /LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi -w -a diradmin -p **** -v 1 SERVER.FREEMAN.PRIVATE
2011-07-28 19:58:18 +0000 Contacting the Directory Server
Authenticating to the Directory Server
Creating Kerberos directory
Creating KDC Config File
Creating Kerberos Database
Creating new random master key
Creating Kerberos Admin user
Creating ACL file
Adding kerberos auth authority to admin user
Starting kdc & kadmind
Adding the new KDC into the KerberosClient config record
Finished
2011-07-28 19:58:18 +0000 command: /usr/sbin/kdcsetup -e
2011-07-28 19:58:18 +0000 command: /usr/sbin/sso_util configure -x -r SERVER.FREEMAN.PRIVATE -f /LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi -a diradmin -p **** -v 1 all
2011-07-28 19:58:19 +0000 command: /usr/sbin/mkpassdb -kerberize
2011-07-28 19:58:19 +0000 Updating user records and principals
2011-07-28 19:58:34 +0000 Asking OpenDirectoryConfig to bind to server: 127.0.0.1
2011-07-28 19:58:38 +0000 Attempting to open /LDAPv3/127.0.0.1 node
2011-07-28 19:58:38 +0000 Verified /LDAPv3/127.0.0.1 node is available
2011-07-28 19:58:40 +0000 command: /usr/sbin/sso_util info -r /LDAPv3/127.0.0.1 -p
2011-07-28 19:58:40 +0000 Creating Root CA
2011-07-28 19:58:41 +0000 ***Error creating domain CA. Error - The specified item already exists in the keychain.
2011-07-28 19:58:41 +0000 Root CA creation failed with error - -25299
2011-07-28 19:58:41 +0000 Destroying OD master as CA creation failed with error 75
2011-07-28 19:58:41 +0000 Logging slapd container data to /var/run/slapconfig_error_1311883121
2011-07-28 19:58:41 +0000 Stopping LDAP server (slapd)
2011-07-28 19:58:44 +0000 command: /usr/sbin/slapcat -l /var/run/slapconfig_error_1311883121/user.ldif
2011-07-28 19:58:44 +0000 command: /usr/sbin/slapcat -b cn=authdata -l /var/run/slapconfig_error_1311883121/authdata.ldif
2011-07-28 19:58:45 +0000 Error retrieving kerberos realm
2011-07-28 19:58:45 +0000 CopyReplicaArray: ldap_search_ext_s failed
2011-07-28 19:58:45 +0000 Error retrieving replica array
2011-07-28 19:58:45 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.opendirectorybackup.plist
2011-07-28 19:58:45 +0000 Deleting Cert Authority related data
2011-07-28 19:58:45 +0000 No intCAIdentity, not removing int CA from keychain
2011-07-28 19:58:45 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd.plist
2011-07-28 19:58:45 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd-helper.plist
2011-07-28 19:58:45 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertadmin.plist
2011-07-28 19:58:45 +0000 _destroyLDAPServer: Failed to find computer record named server.freeman.private$: 2100 Connection failed to the directory server.
2011-07-28 19:58:45 +0000 Updating ldapreplicas on primary master
2011-07-28 19:58:45 +0000 Unable to locate primary master
2011-07-28 19:58:45 +0000 Primary master node is nil!
2011-07-28 19:58:45 +0000 Unable to locate ldapreplicas record: 0 (null)
2011-07-28 19:58:45 +0000 Error setting read ldap replicas array: 0 (null)
2011-07-28 19:58:45 +0000 Error setting write ldap replicas array: 0 (null)
2011-07-28 19:58:45 +0000 Could not retrieve xmlplist from ldapreplicas: 0 (null)
2011-07-28 19:58:45 +0000 Error synchronizing ldapreplicas: 0 (null)
2011-07-28 19:58:45 +0000 Removing self from the database
2011-07-28 19:58:45 +0000 Warning: An error occurred while re-enabling GSSAPI.
2011-07-28 19:58:45 +0000 Stopping LDAP server (slapd)
2011-07-28 19:58:46 +0000 cleanKeytab: unable to retrieve default realm

Dscc directory server plugin display

I am having problems with dscc connecting to my ldap server and displaying the plugins that are currently active.
When i run the dscc enable-plugin "plugin name" its shows that it is enabled.
The user id i am using to connect to my ldap server is cn=admin,cn=administrators,cn=dscc user.
I can definitely ldapsearch for the plugins.
Am i missing something?

Bonjour Gregoire,
Yes, you should install the Directory Server plugin on all replicas.
The plugin on the read-only replicas participates in the on-demand password synchronization process: consider the case when a user BINDs to a read-only replica and the user's password is marked as invalid. In this case, the IdSync plugin in the read-only replica is the one that forwards this authentication request to the replication master (the master forwards the authentication to Active Directory).
If you can guarantee that no user authenticates at read-only replicas, then you can live with installing the plugin on the master server only.
Bertold

SMTP requests cause the directory server to allocate all processor resource

Using JES 2005Q1.
The problem started when adding mass number of users. When running the commadmin for a long time, the system will hang. We tuned the directory server by increasing the database, initialization and entry cache. I changed many other parameters to tune parameters. It was worthless.
I shifted to ldif and used ldapmodify to create those users.
The users were created successfully. But when the smtp traffic was directed to the server, the nslapd process will allocate 95% of the CPU in 5 minutes.
The problem is in the way the directory server is searched when it accepts an smtp request.
Knowing that the server is currently used only for Messaging Server, any suggestions on how to improve the performance of the directory?
Thanks in advance.

The "lookthroughlimit" is set to -1.
I sent from a local user on the server to the same user and the log was this :
"[04/Oct/2005:10:26:02 -0300] conn=1407 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:26:02 -0300] conn=1406 op=-1 msgId=-1 - closing - T1
[04/Oct/2005:10:26:02 -0300] conn=1406 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:26:02 -0300] conn=1407 op=0 msgId=1 - BIND dn="uid=msg-admin-marmara.terra.net.lb-20050906144228Z, ou=People, o=terra.net.lb,o=isp" method=128 version=3
[04/Oct/2005:10:26:02 -0300] conn=1407 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=msg-admin-marmara.terra.net.lb-20050906144228z,ou=people,o=terra.net.lb,o=isp"
[04/Oct/2005:10:26:02 -0300] conn=1407 op=1 msgId=2 - SRCH base="o=isp" scope=2 filter="(&(objectClass=sunManagedOrganization)(|(associatedDomain=marmara.terra.net.lb)(sunPreferredDomain=marmara.terra.net.lb)))" attrs=ALL
[04/Oct/2005:10:26:02 -0300] conn=1408 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:26:02 -0300] conn=1408 op=0 msgId=141 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:26:02 -0300] conn=1408 op=0 msgId=141 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[04/Oct/2005:10:26:02 -0300] conn=1407 op=1 msgId=2 - RESULT err=0 tag=101 nentries=0 etime=0
[04/Oct/2005:10:26:16 -0300] conn=1407 op=2 msgId=3 - SRCH base="o=isp" scope=2 filter="(&(objectClass=sunManagedOrganization)(|(associatedDomain=terra.net.lb)(sunPreferredDomain=terra.net.lb)))" attrs=ALL
[04/Oct/2005:10:26:16 -0300] conn=1407 op=2 msgId=3 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:16 -0300] conn=1407 op=3 msgId=4 - SRCH base="o=terra.net.lb,o=isp" scope=2 filter="(&(uid=dede1)(objectClass=inetmailuser))" attrs="uid inetUserStatus mailUserStatus mailAllowedServiceAccess inetsubscriberstatus inetauthorizedservices nsmsgDisallowAccess mailAccessDomain mailHost mailMessageStore preferredLanguage mail mailQuota mailMsgQuota aclGroupAddr pabURI maxPabEntries preferredLocale"
[04/Oct/2005:10:26:16 -0300] conn=1407 op=3 msgId=4 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:16 -0300] conn=1409 op=-1 msgId=-1 - fd=41 slot=41 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:26:16 -0300] conn=1409 op=0 msgId=1 - BIND dn="uid=dede1,ou=People,o=terra.net.lb,o=isp" method=128 version=3
[04/Oct/2005:10:26:16 -0300] conn=1409 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=dede1,ou=people,o=terra.net.lb,o=isp"
[04/Oct/2005:10:26:17 -0300] conn=1407 op=4 msgId=5 - SRCH base="uid=dede1,ou=people,o=terra.net.lb,o=isp" scope=0 filter="(objectClass=*)" attrs="cn cn;lang-en givenName givenName;lang-en mail mailAlternateAddress mailAutoReplyMode mailAutoReplySubject mailAutoReplySubject;lang-en mailAutoReplyText mailAutoReplyText;lang-en mailAutoReplyTextInternal mailAutoReplyTextInternal;lang-en mailAutoReplyTimeout mailDeliveryOption mailForwardingAddress mailQuota mailMsgQuota preferredLanguage sn sn;lang-en uid vacationEndDate vacationStartDate mailHost mailSieveRuleSource sunUCDateFormat sunUCDateDelimiter sunUCTimeFormat nswmExtendedUserPrefs"
[04/Oct/2005:10:26:17 -0300] conn=1407 op=4 msgId=5 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:18 -0300] conn=1410 op=-1 msgId=-1 - fd=42 slot=42 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:26:18 -0300] conn=1410 op=0 msgId=1 - BIND dn="uid=msg-admin-marmara.terra.net.lb-20050906144228Z, ou=People, o=terra.net.lb,o=isp" method=128 version=3
[04/Oct/2005:10:26:18 -0300] conn=1410 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=msg-admin-marmara.terra.net.lb-20050906144228z,ou=people,o=terra.net.lb,o=isp"
[04/Oct/2005:10:26:18 -0300] conn=1410 op=1 msgId=2 - SRCH base="ou=dede1,ou=people,o=terra.net.lb,o=isp,o=pab" scope=2 filter="(|(cn=*)(ou=*))" attrs=ALL
[04/Oct/2005:10:26:18 -0300] conn=1410 op=1 msgId=2 - RESULT err=0 tag=101 nentries=2 etime=0
[04/Oct/2005:10:26:18 -0300] conn=1410 op=2 msgId=3 - SRCH base="ou=dede1,ou=people,o=terra.net.lb,o=isp,o=pab" scope=2 filter="(|(objectClass=pab)(objectClass=pabgroup))" attrs=ALL
[04/Oct/2005:10:26:18 -0300] conn=1410 op=2 msgId=3 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:18 -0300] conn=1410 op=3 msgId=4 - SRCH base="ou=dede1,ou=people,o=terra.net.lb,o=isp,o=pab" scope=2 filter="(memberOfPAB=AddressBookabbe53c)" attrs="un cn sn givenName mail description telephoneNumber homePhone memberOfPAB memberOfPABGroup objectClass"
[04/Oct/2005:10:26:18 -0300] conn=1410 op=3 msgId=4 - RESULT err=0 tag=101 nentries=0 etime=0
[04/Oct/2005:10:26:47 -0300] conn=1411 op=-1 msgId=-1 - fd=49 slot=49 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:26:47 -0300] conn=1411 op=0 msgId=1 - BIND dn="uid=msg-admin-marmara.terra.net.lb-20050906144228Z, ou=People, o=terra.net.lb,o=isp" method=128 version=3
[04/Oct/2005:10:26:47 -0300] conn=1411 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=msg-admin-marmara.terra.net.lb-20050906144228z,ou=people,o=terra.net.lb,o=isp"
[04/Oct/2005:10:26:47 -0300] conn=1411 op=1 msgId=2 - SRCH base="o=isp" scope=2 filter="(&(objectClass=sunManagedOrganization)(|(associatedDomain=terra.net.lb)(sunPreferredDomain=terra.net.lb)))" attrs=ALL
[04/Oct/2005:10:26:47 -0300] conn=1411 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:47 -0300] conn=1411 op=2 msgId=3 - SRCH base="o=terra.net.lb,o=isp" scope=2 filter="(|([email protected])([email protected])([email protected]))" attrs="preferredLanguage mail mailEquivalentAddress"
[04/Oct/2005:10:26:47 -0300] conn=1411 op=2 msgId=3 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:47 -0300] conn=1411 op=3 msgId=4 - SRCH base="o=terra.net.lb,o=isp" scope=2 filter="(|([email protected])([email protected])([email protected]))" attrs="objectClass inetUserStatus mailUserStatus inetMailGroupStatus uid preferredLanguage mailRoutingAddress mailDeliveryOption mail mailAlternateAddress mailEquivalentAddress vacationStartDate vacationEndDate mailConversionTag mailMsgMaxBlocks mailHost mailQuota mailMsgQuota mailProgramDeliveryInfo mailDeliveryFileURL maildeliveryfile mailAutoReplyMode mailAutoReplySubject mailAutoReplyText mailAutoReplyTextInternal mailAutoReplyTimeout mailSieveRuleSource mailForwardingAddress mailDeferProcessing mgrpMsgRejectAction mgrprejecttext mgrpMsgRejectText mgrpBroadcasterPolicy mgrpDisallowedBroadcaster mgrpAllowedBroadcaster mgrpDisallowedDomain mgrpAllowedDomain mgrpMsgMaxsize mgrpAuthPassword mgrpModerator mgrpDeliverTo memberURL uniqueMember mgrpRFC822MailMember rfc822mailmember mgrpErrorsTo mgrpAddHeader mgrpRemoveHeader mgrpMsgPrefixText mgrpMsgSuffixText mgmanMemberVisibility expandable"
[04/Oct/2005:10:26:47 -0300] conn=1411 op=3 msgId=4 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:26:47 -0300] conn=1411 op=4 msgId=5 - SRCH base="o=isp" scope=2 filter="(&(objectClass=sunManagedOrganization)(|(associatedDomain=ims-ms-daemon)(sunPreferredDomain=ims-ms-daemon)))" attrs=ALL
[04/Oct/2005:10:26:48 -0300] conn=1411 op=4 msgId=5 - RESULT err=0 tag=101 nentries=0 etime=1
[04/Oct/2005:10:26:48 -0300] conn=1412 op=-1 msgId=-1 - fd=50 slot=50 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:26:48 -0300] conn=1412 op=0 msgId=1 - BIND dn="cn=msg-config, cn=Sun ONE Messaging Suite, cn=Server Group, cn=marmara.terra.net.lb, ou=terra.net.lb, o=NetscapeRoot" method=128 version=2
[04/Oct/2005:10:26:48 -0300] conn=1412 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot"
[04/Oct/2005:10:26:48 -0300] conn=1412 op=1 msgId=2 - SRCH base="cn=configuration,cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(objectClass=*)" attrs=ALL
[04/Oct/2005:10:26:48 -0300] conn=1412 op=1 msgId=2 - RESULT err=0 tag=101 nentries=31 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1418 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:32:56 -0300] conn=1415 op=-1 msgId=-1 - closing - T1
[04/Oct/2005:10:32:56 -0300] conn=1415 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:32:56 -0300] conn=1418 op=0 msgId=1 - BIND dn="cn=admin-serv-marmara, cn=Administration Server, cn=Server Group, cn=marmara.terra.net.lb, ou=terra.net.lb, o=NetscapeRoot" method=128 version=3
[04/Oct/2005:10:32:56 -0300] conn=1418 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=admin-serv-marmara,cn=administration server,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot"
[04/Oct/2005:10:32:56 -0300] conn=1418 op=1 msgId=2 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:32:56 -0300] conn=1418 op=1 msgId=2 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[04/Oct/2005:10:32:56 -0300] conn=1418 op=2 msgId=3 - UNBIND
[04/Oct/2005:10:32:56 -0300] conn=1418 op=2 msgId=-1 - closing - U1
[04/Oct/2005:10:32:56 -0300] conn=1419 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:32:56 -0300] conn=1418 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:32:56 -0300] conn=1419 op=0 msgId=1 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:32:56 -0300] conn=1419 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=1 msgId=2 - SRCH base="cn=statusping,cn=operation,cn=tasks,cn=admin-serv-marmara,cn=administration server,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=0 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=2 msgId=3 - SRCH base="cn=admin-serv-marmara,cn=administration server,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=2 msgId=3 - RESULT err=0 tag=101 nentries=22 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=3 msgId=4 - SRCH base="cn=slapd-marmara,cn=sun one directory server,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=3 msgId=4 - RESULT err=0 tag=101 nentries=9 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=4 msgId=5 - SRCH base="cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=4 msgId=5 - RESULT err=0 tag=101 nentries=16 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=5 msgId=6 - SRCH base="cn=sun one directory server,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=5 msgId=6 - RESULT err=0 tag=101 nentries=13 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=6 msgId=7 - SRCH base="cn=administration server,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=6 msgId=7 - RESULT err=0 tag=101 nentries=22 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=7 msgId=8 - SRCH base="cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(nsExecRef=*)" attrs="nsExecRef nsLogSuppress"
[04/Oct/2005:10:32:56 -0300] conn=1419 op=7 msgId=8 - RESULT err=0 tag=101 nentries=17 etime=0
[04/Oct/2005:10:32:56 -0300] conn=1419 op=8 msgId=9 - UNBIND
[04/Oct/2005:10:32:56 -0300] conn=1419 op=8 msgId=-1 - closing - U1
[04/Oct/2005:10:32:57 -0300] conn=1419 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:33:02 -0300] conn=1420 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:33:02 -0300] conn=1420 op=0 msgId=143 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:33:02 -0300] conn=1420 op=0 msgId=143 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[04/Oct/2005:10:35:00 -0300] conn=1421 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:35:00 -0300] conn=1420 op=-1 msgId=-1 - closing - T1
[04/Oct/2005:10:35:00 -0300] conn=1420 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:35:00 -0300] conn=1421 op=0 msgId=1 - BIND dn="cn=msg-config, cn=Sun ONE Messaging Suite, cn=Server Group, cn=marmara.terra.net.lb, ou=terra.net.lb, o=NetscapeRoot" method=128 version=2
[04/Oct/2005:10:35:00 -0300] conn=1421 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot"
[04/Oct/2005:10:35:00 -0300] conn=1421 op=1 msgId=2 - SRCH base="cn=configuration,cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(objectClass=*)" attrs=ALL
[04/Oct/2005:10:35:00 -0300] conn=1421 op=1 msgId=2 - RESULT err=0 tag=101 nentries=31 etime=0
[04/Oct/2005:10:35:00 -0300] conn=1422 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:35:00 -0300] conn=1422 op=0 msgId=1 - BIND dn="cn=msg-config, cn=Sun ONE Messaging Suite, cn=Server Group, cn=marmara.terra.net.lb, ou=terra.net.lb, o=NetscapeRoot" method=128 version=2
[04/Oct/2005:10:35:00 -0300] conn=1422 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot"
[04/Oct/2005:10:35:00 -0300] conn=1422 op=1 msgId=2 - SRCH base="cn=configuration,cn=msg-config,cn=sun one messaging suite,cn=server group,cn=marmara.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(objectClass=*)" attrs=ALL
[04/Oct/2005:10:35:00 -0300] conn=1422 op=1 msgId=2 - RESULT err=0 tag=101 nentries=31 etime=0
[04/Oct/2005:10:35:00 -0300] conn=1422 op=2 msgId=3 - UNBIND
[04/Oct/2005:10:35:00 -0300] conn=1422 op=2 msgId=-1 - closing - U1
[04/Oct/2005:10:35:00 -0300] conn=1422 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:35:00 -0300] conn=1421 op=-1 msgId=-1 - closing - B1
[04/Oct/2005:10:35:00 -0300] conn=1421 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:35:02 -0300] conn=1423 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:35:02 -0300] conn=1423 op=0 msgId=144 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:35:02 -0300] conn=1423 op=0 msgId=144 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[04/Oct/2005:10:35:31 -0300] conn=1424 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from 127.0.0.1 to 127.0.0.1
[04/Oct/2005:10:35:31 -0300] conn=1424 op=0 msgId=1 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:35:31 -0300] conn=1424 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[04/Oct/2005:10:35:31 -0300] conn=1424 op=1 msgId=3 - UNBIND
[04/Oct/2005:10:35:31 -0300] conn=1424 op=1 msgId=-1 - closing - U1
[04/Oct/2005:10:35:31 -0300] conn=1424 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:37:05 -0300] conn=1425 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from 212.98.130.21 to 212.98.130.20
[04/Oct/2005:10:37:05 -0300] conn=1423 op=-1 msgId=-1 - closing - T1
[04/Oct/2005:10:37:05 -0300] conn=1423 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:37:05 -0300] conn=1425 op=0 msgId=1 - BIND dn="cn=msg-config, cn=Sun ONE Messaging Suite, cn=Server Group, cn=coral.terra.net.lb, ou=terra.net.lb, o=NetscapeRoot" method=128 version=2
[04/Oct/2005:10:37:05 -0300] conn=1425 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=msg-config,cn=sun one messaging suite,cn=server group,cn=coral.terra.net.lb,ou=terra.net.lb,o=netscaperoot"
[04/Oct/2005:10:37:05 -0300] conn=1425 op=1 msgId=2 - SRCH base="cn=configuration,cn=msg-config,cn=sun one messaging suite,cn=server group,cn=coral.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(objectClass=*)" attrs=ALL
[04/Oct/2005:10:37:05 -0300] conn=1425 op=1 msgId=2 - RESULT err=0 tag=101 nentries=31 etime=0
[04/Oct/2005:10:37:05 -0300] conn=1426 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.21 to 212.98.130.20
[04/Oct/2005:10:37:05 -0300] conn=1426 op=0 msgId=1 - BIND dn="cn=msg-config, cn=Sun ONE Messaging Suite, cn=Server Group, cn=coral.terra.net.lb, ou=terra.net.lb, o=NetscapeRoot" method=128 version=2
[04/Oct/2005:10:37:05 -0300] conn=1426 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=msg-config,cn=sun one messaging suite,cn=server group,cn=coral.terra.net.lb,ou=terra.net.lb,o=netscaperoot"
[04/Oct/2005:10:37:05 -0300] conn=1426 op=1 msgId=2 - SRCH base="cn=configuration,cn=msg-config,cn=sun one messaging suite,cn=server group,cn=coral.terra.net.lb,ou=terra.net.lb,o=netscaperoot" scope=2 filter="(objectClass=*)" attrs=ALL
[04/Oct/2005:10:37:05 -0300] conn=1426 op=1 msgId=2 - RESULT err=0 tag=101 nentries=31 etime=0
[04/Oct/2005:10:37:05 -0300] conn=1426 op=2 msgId=3 - UNBIND
[04/Oct/2005:10:37:05 -0300] conn=1426 op=2 msgId=-1 - closing - U1
[04/Oct/2005:10:37:05 -0300] conn=1426 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:37:05 -0300] conn=1425 op=-1 msgId=-1 - closing - B1
[04/Oct/2005:10:37:05 -0300] conn=1425 op=-1 msgId=-1 - closed.
[04/Oct/2005:10:37:17 -0300] conn=1427 op=-1 msgId=-1 - fd=38 slot=38 LDAP connection from 212.98.130.20 to 212.98.130.20
[04/Oct/2005:10:37:17 -0300] conn=1427 op=0 msgId=145 - BIND dn="cn=Directory Manager" method=128 version=3
[04/Oct/2005:10:37:17 -0300] conn=1427 op=0 msgId=145 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
This log was generated when the message was sent and recieved.
Thanks for the help.

Binding to directory server vs. OD replica

Similar Messages

Maybe you are looking for