Sorry for the mistake in my previous mail:
the error message is
"no structuralObjectClass operational attribute"
Hi there, I've got a problem replicating
entries from my master server.
The master's version is openldap2-2.0.23-53
From the /etc/openldap/slapd.conf
[...]
database ldbm
suffix "dc=gfi-bremen,dc=de"
rootdn "cn=root,dc=gfi-bremen,dc=de"
rootpw
{SSHA}8qlSVhOTrfG8HufspcHJhY0/c3SgoUoTIxviUMuOugE3aNtVOwj7nS6sNNJZWCBgDmC
Dlg== directory /var/lib/ldap/gfi-bremen.de
mode 0600
# -- master slapd -- Optionen
replogfile /var/lib/ldap/slapd.replog
replica host=lihb-108.vpn.gfi-bremen.de:389
suffix="dc=gfi-bremen,dc=de"
binddn="cn=replica,dc=gfi-bremen,dc=de"
credentials=geheim
bindmethod=simple
tls=yes
[...]
The replica's version is openldap2-2.2.6-34
From the /etc/openldap/slapd.conf
[...]
database ldbm
updatedn "cn=replica,dc=gfi-bremen,dc=de"
updateref ldap://lihb-105.vpn.gfi-bremen.de
suffix "dc=gfi-bremen,dc=de"
rootdn "cn=replica,dc=gfi-bremen,dc=de"
rootpw
{SSHA}Ol/WbTtPO9p1Tzn6/hfGFJB3in+4uBcX03tH0GkkExs6jvuQN9SNSdczVorFCC3Px+J
e1A== directory /var/lib/ldap/gfi-bremen.de
mode 0600
[...]
The ldif for a user looks like
dn: uid=suff,ou=Systementwicklung,ou=Mitarbeiter,dc=gfi-bremen,dc=de
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailUser
objectClass: posixAccount
objectClass: shadowAccount
objectClass: gfiAccount
cn: Sascha Rudolf
sn: Rudolf
givenName: Sascha
mail: suff@vpn.gfi-bremen.de
mailHost: mail.vpn.gfi-bremen.de
mailMessageStore: /var/spool/mail/virtual/suff
uid: suff
uidNumber: 6004
gidNumber: 6000
homeDirectory: /home/suff
gecos: Sascha Rudolf
loginShell: /bin/bash
accountStatus: active
host: lihb-001
roomNumber: Raum 11
telephoneNumber: +49 421 1234 - 115
mobile: +49 171 1234567
ou: Entwicklung
ou: Systementwicklung
ou: EDV
description: Suff Suffensen
description: Fri Jul 30 15:46:39 CEST 2004
I had to create the objectClass gfiAccount, since the replica
complained when initially loading the Content of the master
using slapadd (something like object class violation person/account).
The gfiAccount in /etc/openldap/schema/gfi.schema looks like
objectclass ( 1.3.6.1.4.1.7165.1.1.1.99 NAME 'gfiAccount'
SUP ( inetOrgPerson $ account ) STRUCTURAL)
(The OID is a fake, this will hopefully cause no errors)
Now adding an entry on the master works fine:
ldapadd -x -D 'cn=root,dc=gfi-bremen,dc=de' -W -f suff.ldif
Enter LDAP Password:
adding new entry
"uid=suff,ou=Systementwicklung,ou=Mitarbeiter,dc=gfi-bremen,dc=de"
The corresponding replog file looks like
cat /var/lib/ldap/slapd.replog
replica: lihb-108.vpn.gfi-bremen.de:389
time: 1092988326
dn: uid=suff,ou=Systementwicklung,ou=Mitarbeiter,dc=gfi-bremen,dc=de
changetype: add
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailUser
objectClass: posixAccount
objectClass: shadowAccount
objectClass: gfiAccount
cn: Sascha Rudolf
sn: Rudolf
givenName: Sascha
mail: suff@vpn.gfi-bremen.de
mailHost: mail.vpn.gfi-bremen.de
mailMessageStore: /var/spool/mail/virtual/suff
uid: suff
uidNumber: 6004
gidNumber: 6000
homeDirectory: /home/suff
gecos: Sascha Rudolf
loginShell: /bin/bash
accountStatus: active
host: lihb-001
roomNumber: Raum 11
telephoneNumber: +49 421 1234 - 115
mobile: +49 171 1234567
ou: Entwicklung
ou: Systementwicklung
ou: EDV
description: Suff Suffensen
description: Fri Jul 30 15:46:39 CEST 2004
creatorsName: cn=root,dc=gfi-bremen,dc=de
createTimestamp: 20040820075205Z
modifiersName: cn=root,dc=gfi-bremen,dc=de
modifyTimestamp: 20040820075205Z
The problem is, that the
structuralObjectClass: gfiAccount
line is missing. When slurpd tries to add the entry,
an error occurs on the replica and the data is not being
inserted:
Aug 10 16:18:37 lihb-108 slapd[23754]: conn=11 op=2 RESULT tag=105 err=80
text=no structuralObjectClass operational attribute
When I stop slurpd and alter the replog file manually
by inserting the structuralObjectClass line, everything
works fine after restarting slurpd.
Can anybody help please?
--
NEU: Bis zu 10 GB Speicher für e-mails & Dateien!
1 GB bereits bei GMX FreeMail http://www.gmx.net/de/go/mail