[389-users] Re: Procedure to change the AD used to sync users

On 9/12/22 3:38 PM, Mihai Carabas wrote:

On Mon, Sep 12, 2022 at 6:35 PM Mark Reynolds <> wrote:

On 9/12/22 10:58 AM, Mihai Carabas wrote:

On Fri, Sep 9, 2022 at 10:31 PM Mihai Carabas <> wrote:

On Wed, Aug 31, 2022 at 8:25 PM Mark Reynolds <> wrote:

Start with the docs:

# dsconf slapd-INSTANCE repl-winsync-agmt list

# dsconf slapd-INSTANCE repl-winsync-agmt set --help

# dsconf slapd-INSTANCE repl-winsync-agmt set --host=<NEW HOSTNAME>

# dsconf slapd-INSTANCE repl-winsync-agmt init <AGREEMENT NAME>

I did this:

[root@ldap ~]# dsconf slapd-ldap repl-winsync-agmt list --suffix "dc=curs,dc=xxx,dc=yy" | grep Host
But in the logs:

[09/Sep/2022:22:23:43.366356845 +0300] - INFO - NSMMReplicationPlugin - windows sync - windows_tot_run - Beginning total update of replica "agmt="" (ad:636)".

And it connects to the old server (ad:636) [the old was]. From where is getting that ad?

Any input here? A reboot is needed? Dropping changelog?

Try a server restart "dsctl slapd-ldap restart".  If it still pulling in that old host then maybe you have an extra/conflicting agreement?  "" refers the DN of the replication agreement.  So check if that is the same DN of the agreement you have been modifying.

restart worked like a charm.

Is there a way to find out what config changes needs restart? (for future reasons)

Well in this case a replication agreement is processed at server startup or when it is first created.  The server will spawn a separate thread for each replication agreement.  Changes to things like port and hostname are not picked up in this agreement thread.  So all changes to a replication agreement's configuration will require a server restart.


