Coolest Guides on the Planet

coolest guides on the planet

Coolest Guides On The Planet

Open Directory Replica Fails to Replicate, OS X Server

Leave a Comment

There are a few gotchas when trying to set up an Open Directory Replica from an Open Directory Master on OS X Server 10.6 Snow Leopard.

 

1) DNS – First thing is that DNS has to be set up perfectly so you get forward and reverse look ups that match the FQDN and the IP address. OS X gives you a tool via the command line, “changeip”,  that confirms that dns is good to go, you need to run it as root

sudo changeip -checkhostname
Password:
Primary address     = 192.168.0.102
Current HostName    = myfqdn.com
DNS HostName        = myfqdn.com
The names match. There is nothing to change.
dirserv:success = "success"

That last line says it all – success!, this needs to be both the same on the OD Master and the OD Replica.

If you get any other response you need to get your DNS working first – so go back to the DNS drawing board.

 

2) Time – both master and replica need to be within 5mins of each other to support Kerboros authorization , so probably best to set up Network Time Server NTP – you can set this in:
Server Admin > Settings > General > Enable NTP
and
Server Admin > Settings > Date & Time > Set date & time automatically.

 

3) SSH – Replication takes place vis SSH with the Master pushing the directory out to the Replica and the Replica has to acknowledge the transfer.

On the Master change the following in /etc/sshd_config

Authentication:
PermitRootLogin yes
PasswordAuthentication yes
PubkeyAuthentication no

and on the OD replica like this:

 

PasswordAuthentication yes
PubkeyAuthentication no

 

4) scutil

scutil is a tool that “provides a command line interface to the “dynamic store” data maintained by configd” – this includes HostName (FQDN), ComputerName (local computer) and LocalHostName (Bonjour).

Even though DNS may be right and you get the success response from changeip command, if the hostname is not right in scutil then replication will fail.

Check by issuing the command below should resolve successfully on both Master and Replica:

scutil --get HostName

If your FQDN is not returned you need to set it by issuing:

scutil --set HostName myfqdn.com

Now try and set up the OD replica again – you now should be set  up a replica on the other side of the planet.