Re: using syncrepl for master slave relationship not working
- To: Howard Chu <hyc@symas.com>
- Subject: Re: using syncrepl for master slave relationship not working
- From: Omar Al-Tabari <otabari@batelco.jo>
- Date: Sun, 03 Apr 2005 15:15:32 +0200
- Cc: openldap-software <openldap-software@OpenLDAP.org>
- In-reply-to: <42473046.6060505@symas.com>
- References: <424037D6.40402@batelco.jo> <42412566.7050007@batelco.jo> <42412F90.7080403@batelco.jo> <42415152.9040008@symas.com> <4246589E.8040406@batelco.jo> <42473046.6060505@symas.com>
- User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)
Howard Chu wrote:
> Omar Al-Tabari wrote:
>> I can't seem to make it work, I've installed OpenLDAP v 2.3 on the
>> consumer machine and configured the slapd as such:
>> *****************************************************
>> the provider slapd is version 2.2.13 and is configured as such:
>
> That is one mistake, you should be using 2.3 on the provider. The
> consumer can be either 2.2.24 or 2.3, but for the provider only 2.3
> works.
>
>> I was not able to update or search, when running the slapd on the
>> consumer and provider with the above configuration this is some of
>> what I got:
>> **********************************************
>> bdb_search: 18 does not match filter
>> send_ldap_result: conn=-1 op=0 p=3
>> bdb_dn2entry("cn=nextfreeunixid,dc=ldaptest,dc=batelco,dc=jo")
>> bdb_modify_internal: 0x00000011:
>> cn=NextFreeUnixId,dc=ldaptest,dc=batelco,dc=jo
>> bdb_db_cache: db_open(objectClass) failed: Permission denied (13)
>> bdb_index_read: Could not open DB objectClass
>> Attribute index delete failurebdb_modify: modify failed (80)
>
> These messages indicate that the underlying database files are not
> accessible by the userID that is running slapd. Fix your filesystem
> permissions, this is not a software issue.
>
>> slapd destroy: freeing system resources.
>> bdb(dc=ldaptest,dc=batelco,dc=jo): memberUid.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): loginShell.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): uid.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): sn.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): cn.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): gidNumber.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): uidNumber.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): ou.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): entryUUID.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): objectClass.bdb: unable to flush:
>> Permission denied
>> bdb(dc=ldaptest,dc=batelco,dc=jo): txn_checkpoint: failed to flush
>> the buffer cache Permission denied
>> bdb_db_destroy: txn_checkpoint failed: Permission denied (13)
>> bdb(dc=ldaptest,dc=batelco,dc=jo): Database handles open during
>> environment close
>> bdb_db_destroy: close failed: Invalid argument (22)
>> slapd stopped.
>> ***************************************************************
>> Can someone please help me out here? I've already received much help,
>> and thank you for that, but I just can't get it to work.
>> Thank you in advance.

I've installed version 2.3 on both consumer and provider; the provider's
slapd.conf looks like this:
********************************************
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /var/openldap/etc/openldap/schema/core.schema
include /var/openldap/etc/openldap/schema/cosine.schema
include /var/openldap/etc/openldap/schema/inetorgperson.schema
include /var/openldap/etc/openldap/schema/nis.schema
include /var/openldap/etc/openldap/schema/samba.schema
include /var/openldap/etc/openldap/schema/redhat/autofs.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
pidfile /var/openldap/var/run/slapd.pid
argsfile /var/openldap/var/run/slapd.args
database bdb
suffix "dc=ldaptest,dc=batelco,dc=jo"
rootdn "cn=Manager,dc=ldaptest,dc=batelco,dc=jo"
rootpw secret
# Mode 700 recommended.
directory /var/openldap/var/openldap-data
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index entryUUID eq
*****************************************
The provider's slapd.conf looks like this:
***************************************
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/samba.schema
include /usr/local/etc/openldap/schema//redhat/autofs.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
database bdb
suffix "dc=ldaptest,dc=batelco,dc=jo"
rootdn "cn=Manager,dc=ldaptest,dc=batelco,dc=jo"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/var/openldap-data
# Indices to maintain
#index objectClass eq
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index entryUUID eq
syncrepl rid=123
provider=ldap://ldaptest.batelco.jo:389
type=refreshAndPersist
# interval=00:00:01:00
searchbase="dc=ldaptest,dc=batelco,dc=jo"
filter="(objectClass=*)"
scope=sub
attrs="*"
schemachecking=off
updatedn="cn=manager,dc=ldaptest,dc=batelco,dc=jo"
bindmethod=simple
binddn="cn=manager,dc=ldaptest,dc=batelco,dc=jo"
credentials=secret
**********************************************
Now I start the provider and the consumer with debug level 256; this is
the provider's output:
[root@ldaptest libexec]# ./slapd -d256 -u ldap -h "ldap:///"
@(#) $OpenLDAP: slapd 2.3.2beta (Mar 28 2005 13:05:53) $
root@ldaptest.batelco.jo:/root/openldap-2.3.2beta/servers/slapd
bdb_db_init: Initializing BDB database
16: unknown tls_option <b>
slapd starting
conn=0 fd=10 ACCEPT from IP=172.16.5.108:1026 (IP=0.0.0.0:389)
conn=0 op=0 BIND dn="" method=128
conn=0 op=0 RESULT tag=97 err=0 text=
conn=0 op=1 SRCH base="" scope=2 deref=0 filter="(objectClass=*)"
conn=0 op=1 SRCH attr=* +
conn=0 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
conn=0 op=2 UNBIND
conn=0 fd=10 closed
The consumer gave this:
[root@mc libexec]# ./slapd -d256 -u ldap -h "ldap:///"
@(#) $OpenLDAP: slapd 2.3.2beta (Mar 24 2005 11:18:51) $
root@mc.batelco.jo:/root/openldap-2.3.2beta/servers/slapd
bdb_db_init: Initializing BDB database
16: unknown tls_option <b>
slapd starting
request 1 done
request 2 done
Now the provider has a full tree. Before starting the consumer and
provider I did a slapcat on the provider, took all the entries, then
moved it to the consumer, and did a slapadd.
I use phpldapadmin for administering the directory. After starting the
consumer and provider I can view and manipulate the provider, but the
consumer is empty, as if nothing was added. The strange thing is that
when I run an ldapsearch to see the entries in the "Consumer" I get the
entire tree that I slapcat'ed a little moment ago!!
Please help me, because I'm at the end of the line with this, and I have
yet to enable TLS on them :(
Thank you in advance.
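
Added example, not part of the original message: a Python audit for the two problems visible in this thread, the "Permission denied" errors that Howard Chu attributes to filesystem permissions, and the cleartext rootpw and syncrepl credentials in the posted slapd.conf. The function names and the reduced sample configuration are constructed for illustration, and the starttls test only checks that the option is present.

```python
import os
import shlex
import stat

# Constructed sample, reduced from the syncrepl configuration quoted above.
SAMPLE_CONF = """\
rootpw secret
directory /usr/local/var/openldap-data
syncrepl rid=123
  provider=ldap://ldaptest.batelco.jo:389
  bindmethod=simple
  credentials=secret
"""

def directives(text):
    """Split slapd.conf text into token lists, one per directive."""
    logical = []
    for raw in filter(str.strip, text.splitlines()):  # skips blank lines
        if raw[0] in " \t" and logical:
            logical[-1] += " " + raw.strip()  # leading whitespace continues a line
        else:
            logical.append(raw.strip())
    # Comments are dropped after unwrapping, as slapd.conf(5) describes.
    return [shlex.split(line) for line in logical if not line.startswith("#")]

def audit_conf(text):
    """Return (findings, database directories) for slapd.conf text."""
    findings, dirs = [], []
    for name, *args in directives(text):
        if name == "rootpw" and args and not args[0].startswith("{"):
            findings.append("rootpw is cleartext; use a slappasswd(8) hash")
        elif name == "directory" and args:
            dirs.append(args[0])
        elif name == "syncrepl":
            o = dict(a.split("=", 1) for a in args if "=" in a)
            if (o.get("bindmethod") == "simple" and "starttls" not in o
                    and o.get("provider", "").startswith("ldap://")):
                findings.append("syncrepl rid=%s: cleartext simple bind" % o.get("rid"))
    return findings, dirs

def db_permission_problems(directory, run_uid):
    """List paths slapd's uid does not own, or that group/other can access."""
    problems = []
    for root, _subdirs, files in os.walk(directory):
        for path in [root] + [os.path.join(root, f) for f in files]:
            st = os.lstat(path)
            mode = stat.S_IMODE(st.st_mode)
            if st.st_uid != run_uid or mode & 0o077:
                problems.append((path, st.st_uid, oct(mode)))
    return problems
```

On a live host, pass the uid of the account given to slapd's -u option (ldap in this thread) together with each directory returned by audit_conf.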