[Date Prev][Date Next]
I cannot figure out what I have done wrong in this replication
setup. I am using openldap v1.2.4 on both machines. edas03 has linux
redhat v6.0; edas02 has linus rehdat v5.2.
Changes to the master are replicated in the slave. Changes sent to
the slave are referred to the master who rejects them as having
So. Why is the access insufficient? Does replication need some
special type of entry?
The master LDAP (on host edas03) has these entries for replication:
The slave has these entries:
access to * by dn="cn=edas,dc=bbrown,dc=com" write
ldapmodify -h edas02 -D "cn=root,dc=bbrown,dc=com" -w secret < change.2
always gives this response:
modifying entry: <the dn of the entry>
ldap_modify: Insufficient access
Using debug shows that the command is referred to the master who
decides that there is insufficient access to change the entry. "root"
If I issue the command like this (change in the master):
ldapmodify -h edas03 -D "cn=root,dc=bbrown,dc=com" -w xxxx < change.2
the entry is modified in both the master and the slave, ie, the change
is propogated to the slave.
If I issue the command like this (change in the slave):
ldapmodify -h edas02 -D "cn=edas,dc=bbrown,dc=com" -w echo < change.2
the entry is modified in the slave ONLY since it sees the updatedn and
thinks the command is coming from the master.
The dn "cn=edas,dc=bbrown,dc=com" exists in both databases with the
----[ change.2 ]------
dn: corbaRepositoryId=IDL:burr-brown.com/module/interface/, dc=bbrown,
corbaior: IOR:bogus ior, change to xxqqyyzy!...