Replicating database from external company

hcl-bot · March 26, 2008, 10:43am

Hello I am confused and need advise.

I have an external company who have opened up access to a specific database I need to replicate down to our domino server over the internet.

We have both opened up our firewall’s for our specific ip addresses to allow port 1352 traffic through.

We have cross certified at the server level.

He has amended the ACL of the database I want to get to, to allow our server and admin team Manager access.

On my notes server I have added there server cetificate.

I have created a new Server - External Domain Network record. I have added a connection document on our server and I have added a Replication record to pull the specific databse down.

I have a windows 2003 server running the domino software but I do not have the domino admin client installed because the install guide says…“Do not install the Domino Administrator on the same system on which you installed the Domino server. Doing so compromises Domino’s security and impairs server performance”.

When I do a trace from my pc using the admin client I get a positive reply saying I am connected to the server.

When I issue a pull or replicate command through the domino console windows I get an error message “None of the selected databases has a replica on the server”.

When the Replication Task kicks in it gives me this error “None of the selected databases has a replica on the server”.

When I select Open Server from the admin client on my pc it says there are no cross certificates.

I have even had the guy send me a replica copy of the database over which I have added to an exact route on our server.

How do I get the database replica copy I have to get an update from the external company, or a new replica copy from them.

The only way I can see round it is to install the admin client on the server itself then maybe when I select Open Server it see’s they are cross certified and will allow it through, even though the install guide says do not do it.

Please advise.

hcl-bot · March 26, 2008, 1:21pm

Subject: Replicating database from external company

This process can be pretty frustrating the first time around, and it’s something that’s not done all this often.

First, you need to get the other company to set up a broader cross-certificate (or an additional one). At the moment, their server only trusts the identity of your server, and not of you, the administrator. You can have them issue a cross-certificate from their server to the whole of your organization, or just an additional cross-cert from their server for your ID. Either way, this gets stored in their Domino Directory.

Next, you probably want to connect to their server from your admin client. Either you can do this directly or via passthru on your server.

For the direct approach, you’ll need to create a connection document in your personal NAB for their server. You may need to amend the firewall rules you set up.

Passthru would give let you avoid making firewall changes, but will require changes to the Passthru settings in the Security section of each server doc (and a restart).

With either approach, you’ll also need to accept a cross-cert for the other organization into your personal NAB (Notes will ask if you want to do this).

Once this is done, you should be able to browse the databases’s on the other company’s server, open any to which you’ve been given access in the ACL, and create new replicas of these on your server as you see fit.

There’s a third approach, which is just to add a file-level copy of the database to your server, and configure the server connection documents to replicate this database with the other server. Trouble with this is that you can’t ever check out their side of the config through your admin client (which just makes things harder in the long run).

Hope that helps,

Rupert Clayton

Chicago

hcl-bot · March 27, 2008, 10:08am

Subject: RE: Replicating database from external company

Thank you for your response.This will involve quite a few changes, could I not take an easy option and install the admin client on the server briefly then uninstall it. Would this cause a problem?

hcl-bot · March 27, 2008, 5:44pm

Subject: RE: Replicating database from external company

Hi Paula,

Yes you can use the admin-client-on-the-server approach, but it won’t get around the cross-certification issue. Whichever way you do this, your partner company’s server needs to trust the identity of your own user ID in order for you to get access to their server to open the DB (and from there to create a new replica).

If you do want to try doing this interactively from the server, you can open up a basic Notes client just by running notes.exe from the Domino program folder. This might be better than installing/uninstalling Domino Admin, which might risk some unpleasant registry changes.

Basically, though, you either need the other company to issue a cross-cert for your ID (or for the wider organization), or you can work with a file-level copy.

Good luck,

Rupert Clayton

Chicago

hcl-bot · April 9, 2008, 8:13am

Subject: RE: Replicating database from external company

I finally got this to work.I got the other company to send a replica stub of the database and put this on my server.

I then allowed the other companies server access to create databases and replicas in my server security settings.

I then forced a ‘repl’ command on the servers console and the replication took place. Also the scheduled replication task is also working now.