Hi,

i have the following situation:

2 Locations, Site A and Site B
SITE A: [/B]

INTERNAL NETWORK, WITH 1 OES2, 3 OES11. OES11 HAS THE MASTER
REPLCIA OF ROOT

DMZ, JUST 1 OES2 SERVER, WITH READ/WRITE REPLICAT OF
ROOT
NO SYNCONISATION PROBLEMS.

NOW I CONNECTED SITE A DMZ WITH SITE B DMZ, THROUG A IPSEC VPN
[B]SITE B:

Just 1 SLES11 Server, which i want to make OES11, and join the
Tree form Site A
OES-Configuration via Yast works fine, eDirectory Authentification,
Context Browsing are all no problem.

But after the last "next" button, I get an error:

-ndsconfig failed to configure and start eDirectory.-
Pretty default.... on details it tells me:

-WARNING: Unable to check the duplicate server context
Susen.ou=Susen.o=srv.DG.
...
Checking if server is ready to service requests...
││
││Logging into the tree as "cn=admin.o=srv". Please
wait... ││
││all referrals failed.
││
││ERROR -626: Setup for NDS installation failed.
││
││Please make certain that you have provided the
complete server and admin contexts.
-
And jup, checked the user, he's fine.

On the Site A DMZ Server i let a ndstrace run:


Code:
--------------------
DEBUG: Begin-> DCResolveWithConstraint context = 26c9000c
DEBUG: Starting to walk from initial connection
DEBUG: Resolving \DG\O=srv\OU=Susen
INFO: Resolving \DG\O=srv\OU=Susen, flags 00004002.
INFO: Respond with local entry succeeded.
DEBUG: ------> tag = 6
DEBUG: ------> id = 00008B57
DEBUG: End---> DCResolveWithConstraint err = 0
DEBUG: Connect to tcp:192.168.36.6:524 succeeded
DEBUG: Connect to tcp:192.168.36.6:524 succeeded
INFO: Resolving \DG\ou=Susen.o=srv\Susen, flags 00004002.
INFO: Resolving \DG\o=srv\cn=admin, flags 00004044.
INFO: Respond with local entry succeeded.
INFO: Resolving \DG\O=srv\OU=oNe\CN=oNe, flags 00004002.
INFO: Respond with local entry succeeded.
ERR: Primary object is ID_INVALID
INFO: Resolving \DG\o=srv\ou=Susen, flags 00004002.
INFO: Respond with local entry succeeded.
INFO: Resolving \DG\o=srv\ou=Susen, flags 00004008.
INFO: Respond with local entry succeeded.
DEBUG: Connect to tcp:192.168.36.6:524 succeeded
DEBUG: Begin-> DCResolveWithConstraint context = 6204000e
DEBUG: Starting to walk from initial connection
DEBUG: Resolving v2, non-text
INFO: Resolving \T=DG\O=srv\OU=oNe\CN=oNe, flags 00004004.
INFO: Respond with local entry succeeded.
DEBUG: ------> tag = 6
DEBUG: ------> id = 0000802A
DEBUG: End---> DCResolveWithConstraint err = 0
DEBUG: Connect to tcp:192.168.36.6:524 succeeded

--------------------

> Susen is the Servername of the one on Site B. Also the context should be
> ou=Susen,o=srv


All in all it seems to me, he's trying to connect to the Server, which
holds the Master Replcia of the Root. But he can not reach it. (No way
from Site B DMZ to Site A INT, and thats for purpose)
So how can I tell the tree, that every Syncronisation to Site B, has to
go over the Site A DMZ Server??


--
MSchietzsch
------------------------------------------------------------------------
MSchietzsch's Profile: http://forums.novell.com/member.php?userid=31119
View this thread: http://forums.novell.com/showthread.php?t=457245