[Date Prev][Date Next] [Chronological] [Thread] [Top]

cn=config multimaster olcAuthzRegexp not working

To: openldap-software@openldap.org
Subject: cn=config multimaster olcAuthzRegexp not working
From: Gémes Géza <geza@kzsdabas.hu>
Date: Sun, 06 Jul 2008 17:20:35 +0200
User-agent: Thunderbird 2.0.0.14 (X11/20080505)

Hi,

I'm running openldap 2.4.9 on three boxes one production, two in the
process of setting them up for multimaster replication (in case of
success the third is going to be joined to the setup)
I've successfully migrated from slapd.conf to cn=config using slaptest
-f ... -F ..., at this step everything works as expected.
After ldapmodifying (for multimaster syncrepl) with the following ldif
(a customized version of the one from the admin guide):

dn: cn=config
changetype: modify
add: olcServerID
olcServerID: 1 ldaps://first.kzsdabas.hu
olcServerID: 2 ldaps://second.kzsdabas.hu
olcServerID: 3 ldaps://third.kzsdabas.hu

dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=ldaps://first.kzsdabas.hu bindmethod=sasl
saslmech=GSSAPI authcid=ldapsyncrepl searchbase="cn=config"
type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncRepl: rid=002 provider=ldaps://second.kzsdabas.hu bindmethod=sasl
saslmech=GSSAPI authcid=ldapsyncrepl searchbase="cn=config"
type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncRepl: rid=003 provider=ldaps://third.kzsdabas.hu bindmethod=sasl
saslmech=GSSAPI authcid=ldapsyncrepl searchbase="cn=config"
type=refreshAndPersist    retry="5 5 300 5" timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE

dn: olcOverlay=syncprov,olcDatabase={1}bdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcDatabase={1}bdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=004 provider=ldaps://first.kzsdabas.hu bindmethod=sasl
saslmech=GSSAPI authcid=ldapsyncrepl searchbase="dc=kzsdabas,dc=hu"
type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncRepl: rid=005 provider=ldaps://second.kzsdabas.hu bindmethod=sasl
saslmech=GSSAPI authcid=ldapsyncrepl searchbase="dc=kzsdabas,dc=hu"
type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncRepl: rid=006 provider=ldaps://third.kzsdabas.hu bindmethod=sasl
saslmech=GSSAPI authcid=ldapsyncrepl searchbase="dc=kzsdabas,dc=hu"
type=refreshAndPersist    retry="5 5 300 5" timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE

everything still works, but after restarting slapd, the bdb database
dc=kzsdabas,dc=hu becomes unaccessible.
slapd runing with debuglevel set to -1 writes:
=> bdb_search
bdb_dn2entry("DC=kzsdabas,DC=hu")
=> bdb_dn2id("DC=kzsdabas,DC=hu")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found
(-30990)

Thanks for any ideas

Geza

Follow-Ups:
- Re: cn=config multimaster olcAuthzRegexp not working
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: One more ACL question
Next by Date: Re: cn=config multimaster olcAuthzRegexp not working
Index(es):
- Chronological
- Thread