[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: setting rootpw for cn=monitor

To: "masarati@aero.polimi.it" <masarati@aero.polimi.it>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: RE: setting rootpw for cn=monitor
From: Chris Card <ctcard@hotmail.com>
Date: Wed, 9 Jan 2013 12:29:00 +0000
Importance: Normal
In-reply-to: <SNT129-W125C2CF9EEC74D6DDAFD3DCC2B0@phx.gbl>
References: <SNT129-W315B86D50EA409A225E022CC240@phx.gbl>, , <50ED3401.8040302@aero.polimi.it>, <SNT129-W125C2CF9EEC74D6DDAFD3DCC2B0@phx.gbl>


> > On 01/08/2013 05:34 PM, Chris Card wrote:
> > >
> > > Hi all,
> > >
> > > I'm seeing an issue with setting the rootpw for the cn=monitor database and syncrepl replication (multi-master syncrepl).
> > >
> > > I am seeing this problem with openldap 2.4.31 at the moment, but I intend to upgrade to 2.4.34 when that becomes available.
> > >
I am also seeing a similar issue when trying to modify the LDAP configuration to use delta-syncrepl for my main directory instead 
of simple syncrepl. I apply LDIF on the first LDAP server that creates a cn=accesslog database and creates an overlay on the main 
database which depends on the cn=accesslog database:

dn: olcDatabase=mdb,cn=config
changetype: add
objectClass: olcMdbConfig
objectClass: olcDatabaseConfig
objectClass: olcConfig
objectClass: top
olcRootPW: *****
olcDatabase: mdb
olcDbDirectory: ****************
olcSuffix: cn=accesslog
olcDbMaxSize: 10737418240
olcDbIndex: default eq
olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart
olcRootDN: cn=accesslog

dn: olcOverlay=syncprov,olcDatabase={3}mdb,cn=config
changetype: add
objectClass: olcSyncProvConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
olcOverlay: syncprov
olcSpReloadHint: TRUE
olcSpNoPresent: TRUE

dn: olcOverlay={2}accesslog,olcDatabase={1}bdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: {2}accesslog
olcAccessLogDb: cn=accesslog
olcAccessLogOps: writes
olcAccessLogPurge: 1+00:00 1+00:00

This works fine on the first LDAP server, but when replicated to the second LDAP server gives an error:

   olcAccessLogDB: value #0: <olcAccessLogDB> no matching backend found for suffix "cn=accesslog"
   null_callback : error code 0x50
   syncrepl_entry: rid=*** be_add olcOverlay={2}accesslog,olcDatabase={1}bdb,cn=config failed (80)

It looks like LDAP replication is trying to create the accesslog overlay before creating the cn=accecsslog database.

Chris

References:
- setting rootpw for cn=monitor
  - From: Chris Card <ctcard@hotmail.com>
- Re: setting rootpw for cn=monitor
  - From: Pierangelo Masarati <masarati@aero.polimi.it>
- RE: setting rootpw for cn=monitor
  - From: Chris Card <ctcard@hotmail.com>

Prev by Date: Re: access directive
Next by Date: Re: slapd-ldap and backend errors
Index(es):
- Chronological
- Thread