Configure replication between directory server 5.1 and 5.2

Similar Messages

• Directory Server 5.1 and CMS 4.2 SP2

  There's a similar question on 16 January that didn't get answered.
  I realise I can configure CMS to publish certificates to an "external" DS 5.1 LDAP directory. However, I'd like to know whether there is a realistic method to make CMS use DS 5.1 for it's internal database (port 38900). I don't want to build a complex mixed-version environment unless there will be no alternative for (say) the next 6-9 months.
  I have a production user directory that is being upgraded from DS 4.12 to 5.1. Our CMS system is also in production, and was upgraded to 4.2 SP2 about 6 months ago.
  Does anyone have any experiences in this area that can help me decide on an optimal way forward?

  I recommened that you read the Release Notes of DS5.2, there are some notes on Replication between 5.1 and 5.2.
  ===
  In Directory Server 5.2, the schema file 11rfc2307.ldif has been altered to conform to rfc2307. If replication is enabled between 5.2 servers and 5.1 servers, the rfc2307 schema MUST be corrected on the 5.1 servers, or replication will not work correctly.
  Workaround
  To ensure correct replication between Directory Server 5.2 and Directory Server 5.1, perform the following tasks:
  * For zip installations, remove the 10rfc2307.ldif file from the 5.1 schema directory and copy the 5.2 11rfc2307.ldif file to the 5.1 schema directory. (5.1 Directory Server Solaris packages already include this change.)
  * Copy the following files from the 5.2 schema directory into the 5.1 schema directory, overwriting the 5.1 copies of these files:
  11rfc2307.ldif, 50ns-msg.ldif, 30ns-common.ldif, 50ns-directory.ldif, 50ns-mail.ldif, 50ns-mlm.ldif, 50ns-admin.ldif, 50ns-certificate.ldif, 50ns-netshare.ldif, 50ns-legacy.ldif, and 20subscriber.ldif.
  * Restart the Directory Server 5.1 server.
  * In the Directory Server 5.2 server, set the nsslapd-schema-repl-useronly attribute under cn=config to on.
  * Configure replication on both servers.
  * Initialize the replicas.
  ===
  Also search for "migrate" or "repl" or "5.1" in Release Notes and read the relevant information.
  http://docs.sun.com/source/817-7611/index.html
  Another guide is "Installation and Migration Guide"
  http://docs.sun.com/app/docs/doc/817-7608
  HTH.
  Gary

• Replication between Oracle Server and MS SQL Server

  Hello,
  Does anybody know of a well known or reliable software that can do data replication between Oracle Server and Microsoft SQL server.
  I suppose I can write my own version using Heterogenous Services in Oracle but I would like to know if such an automated replication between Oracle and SQL is available commercially.
  Thank you.

  Viacheslav Ostapenko wrote:
  Sorry, Aman,
  I couldn't find any info about replication to MS SQL. Is it possible at all? Could you provide link where we can read about this? It could be very interesting.Sorry Viacheslav, even I couldn't find anything for the same. I am not sure that it can be done or not, I haven't heard anyone in my contact doing so. The only place where I have seen Streams being used around me is within Oracle db only. May be someone else can help if he/she has done it.
  Aman....

• Active Directory - Server 2008 R2 and 2012 R2 (Server Formatting or not productive

  Hello guys, I come here to try to clarify a great doubts regarding Server Operating Systems, I will attempt to detail the most of my scenario.
  Suppose I have a Server 2008 R2 in production, and this is my Active Directory server (meudominio.local) and am managing through Group Policy settings my workstations that are around 60-70 computers, guys my doubts the thing is, if I need some time to format
  and perform a fresh installation of my server as it will be my Active Directory? Of course I will have lost my domain controller and I have to accomplish the placement of each workstation again that enters my domain one by one.
  I know there is the option of AD replication, so we call the Active Directory, even for another version of the Operating System, prátia already realized this, but it most often comes not functioning properly, done without replication problems Server 2003 to
  2008 R2.
  Guys like to know a solution to not having to put my plants in my domain network again one by one, is there any way to backup so that when I reinstalled the system and the AD again in my server stations return to "see" again that server as your domain
  controller, even me installing AD with the same domain name before this formatting stations do not respond to this driver in this case do the Network ID or add the station to the area again, so she creates a new user profile for example (Max.meudominio) while
  your old profile "guy" still remains on the machine, I adopted the practice of editing the record of this newly created profile and pointing him well for the old user folder which contains all data and settings, eg edit my key "ProfileImagePath"
  regedit logged in with the newly created profile (Max.meudominio) ->
  (switch "ProfileImagePath" C:\Users\Max.meudominio) thus pointing to the folder before replacing in the field again this season after formatted server, thus ->
  (Switch "ProfileImagePath" C:\Users\Max), detail that we give permission for all such user "C:\Users\Max" folder, after that restart the computer and he comes back with the user profile and all your settings.
  I wonder if there is another method to perform this procedure, do not know even a backup AD to not have to replace all the seasons again "meudominio.local".
  Thank you for your attention!
  Translation with Google translator! Sorry.
  Matias Duarte Coordenador de Suporte Dual Solucoes® | Soluções em tecnologia da informação

  As the practice of replication I know her mostly said she has some flaws when I do the replication of my domain to another server but it works correctly, so having a server "master" and the other ServidorBKP as "slave", in redundancy,
  the problem is when I say, and put the "ServidorBKP" being my primary domain controller and disabling my main controller, to disable or turn off my main controller the stations themselves are unable to login because it does not communicate with the
  my ServidorBKP "slave" even I put it as the main driver of course.
  Regarding the System State as far as I know this option existed in Server 2003.
  I also got some information, confer on the links below.
  http://msdn.microsoft.com/en-us/library/bb727048.aspx
  http://technet.microsoft.com/pt-br/library/cc758435(v=ws.10).aspx
  http://technet.microsoft.com/en-us/library/cc961934.aspx
  I'm still researching other ways, getting communicate any news to everyone. (Google Translate)
  Matias Duarte Coordenador de T.I. Dual Solucoes® | Soluções em tecnologia da informação http://www.matiasduarte.com.br

• Guide to differences between SQL Server Transact SQL and Oracle PL/SQL

  Does anyone know of a good book (or online guide) that has an in-depth comparison of the differences between SQL Server Transact SQL and Oracle PL/SQL? (Something more than a beginner's guide)

  Hello,
  Below links will surely be helpful
  Discontinued features in SQL 2012
  Depricated features in SQL Server 2012
  Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers

• Which is the difference between Windows server on IA64 and on x64?

  Hello,
  I want to download the last update of MaxDB 7.6 on servers 32bit and 64bit.
  For the version 32bit there exists only for Windows server IA32.
  For the version 64bit there exists for Window server IA64 and x64.
  Which is the difference between Windows server on IA64 and on x64?
  The version 32bits for Windows IA32bit functions for any type of server?.
  Best regards
  Frédéric Blaise
  e-Kenz S.A.

  For the version 32bit there exists only for Windows server IA32.
  IA32 is basically x86
  Which is the difference between Windows server on IA64 and on x64?
  IA64 is based on Itanium processors while x64 are x86 compatible.
  The version 32bits for Windows IA32bit functions for any type of server?.
  For any Windows 32bit server.
  Regards
  Juan

• Directory Server 5.0 and 5.1 - Triggers

  Does the previous versions of Sun Java Directory Server 5.0 and 5.1 support LDAP Triggers.
  I need to be clarified soon.

  Hi,
  You can set this in "iPlanet Diretory Server", to force the user to log off after particular time. For more info. check iPlanet Directory server guide.
  Regards,
  Dakshin.

• Differences between  WL Server 6.0 and 6.1

  Are there any differences between Weblogic Server 6.0 and 6.1 . Also what is new in Weblogic 6.1

  Maria wrote:
  >
  Are there any differences between Weblogic Server 6.0 and 6.1 .yes.
  Also what is new in Weblogic 6.1Please see the documentation.

• DFSr supported cluster configurations - replication between shared storage

  I have a very specific configuration for DFSr that appears to be suffering severe performance issues when hosted on a cluster, as part of a DFS replication group.
  My configuration:
  3 Physical machines (blades) within a physical quadrant.
  3 Physical machines (blades) hosted within a separate physical quadrant
  Both quadrants are extremely well connected, local, 10GBit/s fibre.
  There is local storage in each quadrant, no storage replication takes place.
  The 3 machines in the first quadrant are MS clustered with shared storage LUNs on a 3PAR filer.
  The 3 machines in the second quadrant are also clustered with shared storage, but on a separate 3PAR device.
  8 shared LUNs are presented to the cluster in the first quadrant, and an identical storage layout is connected in the second quadrant. Each LUN has an associated HAFS application associated with it which can fail-over onto any machine in the local cluster.
  DFS replication groups have been set up for each LUN and data is replicated from an "Active" cluster node entry point, to a "Passive" cluster node that provides no entry point to the data via DFSn and a Read-Only copy on it's shared cluster
  storage.
  For the sake of argument, assume that all HAFS application instances in the first quadrant are "Active" in a read/write configuration, and all "Passive" instances of the HAFS applications in the other quadrants are Read-Only.
  This guide: http://blogs.technet.com/b/filecab/archive/2009/06/29/deploying-dfs-replication-on-a-windows-failover-cluster-part-i.aspx defines
  how to add a clustered service to a replication group. It clearly shows using "Shared storage" for the cluster, which is common sense otherwise there effectively is no application fail-over possible and removes the entire point of using a resilient
  cluster.
  This article: http://technet.microsoft.com/en-us/library/cc773238(v=ws.10).aspx#BKMK_061 defines the following:
  DFS Replication in Windows Server 2012 and Windows Server 2008 R2 includes the ability to add a failover cluster
  as a member of a replication group. The DFS Replication service on versions of Windows prior to Windows Server 2008 R2
  is not designed to coordinate with a failover cluster, and the service will not fail over to another node.
  It then goes on to state, quite incredibly: DFS Replication does not support replicating files on Cluster Shared Volumes.
  Stating quite simply that DFSr does not support Cluster Shared Volumes makes absolutely no sense at all after stating clusters
  are supported in replication groups and a technet guide is provided to setup and configure this configuration. What possible use is a clustered HAFS solution that has no shared storage between the clustered nodes - none at all.
  My question:  I need some clarification, is the text meant to read "between" Clustered
  Shared Volumes?
  The storage configuration must to be shared in order to form a clustered service in the first place. What
  we am seeing from experience is a serious degradation of
  performance when attempting to replicate / write data between two clusters running a HAFS configuration, in a DFS replication group.
  If for instance, as a test, local / logical storage is mounted to a physical machine the performance of a DFS replication group between the unshared, logical storage on the physical nodes is approaching 15k small files per minute on initial write and even high
  for file amendments. When replicating between two nodes in a cluster, with shared clustered storage the solution manages a weak 2,500 files per minute on initial write and only 260 files per minute when attempting to update data / amend files.
  By testing various configurations we have effectively ruled out the SAN, the storage, drivers, firmware, DFSr configuration, replication group configuration - the only factor left that makes any difference is replicating from shared clustered storage, to another
  shared clustered storage LUN.
  So in summary:
  Logical Volume ---> Logical Volume = Fast
  Logical Volume ---> Clustered Shared Volume = ??
  Clusted Shared Volume ---> Clustered Shared Volume = Pitifully slow
  Can anyone explain why this might be?
  The guidance in the article is in clear conflict with all other evidence provided around DFSr and clustering, however it seems to lean towards why we may be seeing a real issue with replication performance.
  Many thanks for your time and any help/replies that may be received.
  Paul

  Hello Shaon Shan,
  I am also having the same scenario at one of my customer place.
  We have two FileServers running on Hyper-V 2012 R2 as guest VM using Cluster Shared Volume.  Even the data partition drive also a part of CSV.
  It's really confusing whether the DFS replication on CSV are supported or not, then what would be consequence if using.
  In my knowledge we have some customers they are using Hyper-V 2008 R2 and DFS is configured and running fine on CSV since more than 4 years without any issue.
  Appreciate if you can please elaborate and explain in details about the limitations on using CSV.
  Thanks in advance,
  Abul

• Subtree replication in Directory Server 5

  Hi,
  I previously posted this question in the netscape.server.directory
  newsgroup because I didn't know this one existed! (The link on the
  iplanet web page points to the
  netscape newsgroup)
  The administrator's guide for iplanet Directory Server 5 states that
  "the smallest unit of replication is the database".
  Our previous implementation of replication using DS 4.x replicates
  subtrees.
  Does anyone know if iPlanet is going to restore this feature in further
  versions or why they do not support it anymore?
  Thanks!
  Buzz

  Anyone wanting to control what part of the DIT, and what attributes of each
  object are synced, may want to take a look at SimpleSync from CPS Systems
  www.cps-systems.com
  This product lets you select what part(s) of the directory to sync, or which
  parts to exclude. It also lets you determine what attributes get synced.
  Further, it treats all directories as peers, so you can sync in one or both
  directions. Lastly, it syncs at the attribute level so is not schema
  dependent.
  In addition to iPlanet, SimpleSync synchronizes Active Directory/Exchange
  2000 Forests, Exchange 5.5 Organizations, Lotus Notes/Domino.
  Cheers,
  Jerry
  "Rosanne Gillis" <[email protected]> wrote in message
  news:[email protected]..
  Hi,
  I previously posted this question in the netscape.server.directory
  newsgroup because I didn't know this one existed! (The link on the
  iplanet web page points to the
  netscape newsgroup)
  The administrator's guide for iplanet Directory Server 5 states that
  "the smallest unit of replication is the database".
  Our previous implementation of replication using DS 4.x replicates
  subtrees.
  Does anyone know if iPlanet is going to restore this feature in further
  versions or why they do not support it anymore?
  Thanks!
  Buzz

• How do I bind to directory server with SSL and authentication?

  I'm running Lion Server 10.7.3, Open Directory master. In Open Directory/Settings/LDAP, I've checked the box to Enable SSL and selected a (self-signed) certificate. In Policies/Binding, I've checked the box to Enable Authenticated Directory Binding.
  Testing with a client computer on which Snow Leopard has been freshly installed and fully updated, I went to System Prefs/Accounts to bind to the new directory server. The good news is, the binding was successful, and when the client initiates an AFP connection with the server, it uses Kerberos, creating a ticket as expected. (Which doesn't work with Lion clients, alas, but that's a seperate matter.)
  Here are the problems:
  1) It looks like the binding did not use SSL. By which I mean that when I opened Directory Utility and examined the LDAPv3 entry, the SSL checkbox was not checked. (If I then check the box, everything looks fine until I restart the client, after which I have a red dot. So I'm guessing that checking the box does nothing until after restart, and that it breaks the binding.)
  2) I was never prompted to authenticate for the directory binding.
  So I get that literally I'm *enabling* SSL and Authenticated Directory Binding, but it seems like the defaults are to bind without SSL or authentication, and there's no obvious-to-me way to force the binding to use those things. How do I do that?
  What I'd really like to do is *require* SSL and Authenticated Directory Binding. I want this because my belief (correct me if I'm wrong) is that if authentication is required to bind to the server, no one will be able to bind to my server without my permission, and that SSL offers a more secure connection to my server than not-SSL. How do I require these things, or do I not really want to?
  Thank you.

  You cannot connect to databases via Muse at the moment. Please refer: http://forums.adobe.com/message/5090145#5090145
  Cheers,
  Vikas

• Single directory Server for Messaging and Portal

  We are trying to unify our directory services.
  At present, there two directory servers, one for iPlanet messaging 5.2 and another for Portal server 6.0.
  Messaging's Directory server is v5.1 and Portal's Directory server is v5.2. Their BaseDN is same.
  Now, What we are planning to do is as below.
  1. LDIF everything from Msgr Directory and import into Portal's Directory.
  2. Point Msg Server to the Portal's directory.
  But, we are not sure what to export or how to tell messaging server to look at the Portal's Directory. Any help will be greatly appreciated!!!
  Thanks
  Srini

  What you are trying to do is non-trivial.
  Setting the ldap server for user and groups on the mail server is easy enough -- look at the output of configutil and you will find the values of local.ugldap*
  define the values you need to change.
  e.g.:
  local.ugldapbasedn
  local.ugldapbindcred
  local.ugldapbinddn
  local.ugldaphost
  local.ugldapport
  etc.
  These are all listed in the messaging reference manual.
  You need to ensure that the schemas of the two apps. match. For example, if you are using schema 1 for mail and schema 2 for the portal (quite likely), there will be a lot more work to do on the directory than simply moving the user entries accross and merging them.
  Unless you have done this sort of thing before, or feel very comfortable and knowlegable about how the messaging server in partuicular works with LDAP, I would suggest that you seriously consider getting help from Sun Professonal Services.

• Sun Directory Server attribute userPassword and SSHA

  I am trying to write my own java code to validate an input plain text password against the corresponding encoded value as it appears on the Sun One directory server attribute 'userPassword'.
  For example the userPassword attribute value might look like this:
  {SSHA}...some-ssha-encoded-jibberish...
  Now what does the java code snippet look like that take as input a
  plain-text password String and encodes it to see if it matches the
  Sun One encoded attribute value??

  I know that doing an LDAP bind will accomplish the 'logical' equivlant of what I am after but for my application purposes I need to be able to validate the password string with my own code. In fact my problem goes beyond just the {SSHA} style hash I also need to be able to validate the {crypt} style has as well. I have solved the {SHA} style hash validation but the other two hashes are problematic thus far.

• JNDI Support in Directory Server 5.1 and 5.2

  Does anyone know where I can find documentation on whether Directory Server supports - JNDI -(java naming directory interface), and whether this is an industry standard that is outlined in an RFC somewhere?
  Thanks

  JNDI support is documented in Chapter 35 of the DSRK guide at http://docs.sun.com/source/816-6400-10/jndi.html
  JNDI is a part of J2SE, a Java Community Process specification. See http://www.jcp.org
  --Stephen                                                                                                                                                                                                                                                                                                                                                                                                                                   

• Replication between 2 node RAC environment and standalone

  I would like to find out if we can setup replication between a (2 node) RAC environment and standalone database located at different location. Any help regarding this would be greatly appreciated.

  Thanks for the reply.
  Consider for a moment I cannot implement dataguard/stream -- because I believe both involves licensing issue --- now only option left is writing my own code. If I right my own code what are the prerequisites for this and what do I have to keep in (technically)mind before i start implementing this. Any help or any lead would be greatly appreciated.