There might be some other problem with apache or load balancer. This is more about traffic routing; ldap replication shouldn't have any part here.

Yes,ok, I understand it. Load balancer already not configured, In apache configuration I have records only gluu2 server. Mayby I can provide for you some logs or configs?

Sure.

Ok. Started. Ubuntu version : Ubuntu 14.04.4 LTS Gluu version : gluu-server-2.4.3 ``` hostname : server1 - gluu1 server2 - gluu2 ``` /etc/hosts : on both servers one ``` 127.0.0.1 localhost 172.32.29.162 gluu1 172.32.20.238 gluu2 ``` IP adreses in private network. Both servers installed with default options, only Shibboleth added. Second server installed with "scripted" - I'm use setup.properties.last from first server, command ``` ./setup.py -s ``` (-s - for add Shibboleth) After installation servers allowed on separate HTTPS address - **https://gluu1** and **https://gluu2** Maybe can provide more on this step? Or go to next?

Compressed configuration : ``` hostname gluu1 (gluu2 for second server) orgName AG os ubuntu city Texus state tx countryCode US support email support@ag.com tomcat max ram 4096 Admin Pass xxxxxxxxxxx Install oxAuth True Install oxTrust True Install LDAP True Install Apache 2 web serverTrue Install Shibboleth 2 SAML IDP True Install Asimba SAML Proxy False Install CAS False Install oxAuth RP False ``` Gluu Server installation successful! Point your browser to https://gluu1 Gluu Server installation successful! Point your browser to https://gluu2 [gluu1](https://goo.gl/photos/c4KDQYwKp1FCAjGV7) [gluu2](https://goo.gl/photos/eakVhLymCruY7LpD8) We can go ahead?

LDAP Replication: **#python ldapGeneralConfigInstall.py** ``` Password for 'cn=Directory Manager': Setting Global properties... Setting Default Password Policy properties... ``` **#python replicationSetup.py** ``` Create a password for the replication admin: Enter number of OpenDJ servers: 2 Enter the hostname of server 1: 172.32.29.162 Enter the Directory Manager password for 172.32.29.162: Enter the hostname of server 2: 172.32.20.238 Enter the Directory Manager password for 172.32.20.238: Establishing connections ..... Done. Checking registration information ..... Done. Configuring Replication port on server 172.32.29.162:4444 ..... Done. Configuring Replication port on server 172.32.20.238:4444 ..... Done. Updating replication configuration for baseDN o=gluu on server 172.32.29.162:4444 .....Done. Updating replication configuration for baseDN o=gluu on server 172.32.20.238:4444 .....Done. Updating registration configuration on server 172.32.29.162:4444 ..... Done. Updating registration configuration on server 172.32.20.238:4444 ..... Done. Updating replication configuration for baseDN cn=schema on server 172.32.29.162:4444 .....Done. Updating replication configuration for baseDN cn=schema on server 172.32.20.238:4444 .....Done. Initializing registration information on server 172.32.20.238:4444 with the contents of server 172.32.29.162:4444 .....Done. Initializing schema on server 172.32.20.238:4444 with the contents of server 172.32.29.162:4444 .....Done. Replication has been successfully enabled. Note that for replication to work you must initialize the contents of the base DNs that are being replicated (use dsreplication initialize to do so). See /tmp/opendj-replication-7843662444768623913.log for a detailed log of this operation. ```

Next - initialize syncronisation : **#/opt/opendj/bin/dsreplication initialize** ``` >>>> Specify server administration connection parameters for the source server Directory server hostname or IP address [gluu1]: 172.32.29.162 Directory server administration port number [4444]: How do you want to trust the server certificate? 1) Automatically trust 2) Use a truststore 3) Manually validate Enter choice [3]: 1 Global Administrator User ID [admin]: Password for user 'admin': >>>> Specify server administration connection parameters for the destination server Directory server hostname or IP address [gluu1]: 172.32.20.238 Directory server administration port number [4444]: How do you want to trust the server certificate? 1) Automatically trust 2) Use a truststore 3) Manually validate Enter choice [3]: 1 You must choose at least one base DN to be initialized. Initialize base DN o=gluu? (yes / no) [yes]: Initializing the contents of a base DN removes all the existing contents of that base DN. Do you want to remove the contents of the selected base DNs on server 172.32.20.238:4444 and replace them with the contents of server 172.32.29.162:4444? (yes / no) [yes]: Initializing base DN o=gluu with the contents from 172.32.29.162:4444: 179 entries processed (95 % complete). 187 entries processed (100 % complete). Base DN initialized successfully. See /tmp/opendj-replication-2823331294085537107.log for a detailed log of this operation. ``` looks like good.

But after this step I'm see web page for gluu1 and get error for gluu2 eroor - ``` The gluu2 page isn’t working gluu2 redirected you too many times. Try: Reloading the page Clearing your cookies ``` ERR_TOO_MANY_REDIRECTS

>> Gluu Server installation successful! Point your browser to https://gluu1 >> Gluu Server installation successful! Point your browser to https://gluu2 'gluu1' or 'gluu2' shouldn't be the hostname of IDP. Please use FQDN as hostname. Both server must have same hostname; because it's cluster setup.

Ok, thank's you, this my error. Please, not close ticket, I'm reinstall cluster.

Thank you very much, all works.