[Date Prev][Date Next] [Chronological] [Thread] [Top]

Need advice on setting up referrals for replicas



Been running OpenLDAP a long while, finally want to tackle replication.
Software is version 1.2.7 on DB 2.7.5, with GNU Pth thrown in.  On HP/UX
10.20.

I've set up a slave server, and added updatedn and referral lines to the
slapd.conf therein.  The referral line is like:
referral    ldap://master.mydomain.com/

Tried hitting the slave with ldappasswd for a test... I'm getting the
following output:
>> ./ldappasswd -b 'o=Harris/NSS' -D
"oid=usr00283,ou=Accounts,o=Harris/NSS" -E -W -vvvvv 'uid=asparks'
Enter LDAP password:
New password:
Re-enter new password:
oid=usr00283,ou=User Accounts,o=Harris/NSS:{crypt}blah
ldap_modify: No such object

The funny thing is, the slave is reporting a referral.  And, the referred-to
master is indeed getting hit, as shown in the following log snippet:

Sep 24 14:55:20 infiniti slapd[701]: conn=65973 fd=5 connection from
mercury.cpd
.harris.com (137.237.216.5) accepted.
Sep 24 14:55:20 infiniti slapd[701]: conn=65973 op=0 BIND dn="" method=128
Sep 24 14:55:20 infiniti slapd[701]: conn=65973 op=0 RESULT err=0 tag=97
nentries=0
Sep 24 14:55:20 infiniti slapd[701]: conn=65973 op=1 MOD dn=""
Sep 24 14:55:20 infiniti slapd[701]: conn=65973 op=1 RESULT err=32 tag=103
nentries=0
Sep 24 14:55:20 infiniti slapd[701]: conn=65973 op=2 UNBIND
Sep 24 14:55:20 infiniti slapd[701]: conn=65973 op=2 fd=5 closed errno=0

Two things wrong:
1) that's an anonymous bind.  How come the client didn't rebind with the
original credentials after the referral?  It'll never work...
2) the MOD is null, instead of the DN given to the slave server.  A little
playing shows that if I change the slave's referral to something like
ldap://master.cpd.harris.com/o=Harris/NSS, that the MOD changes to
o=Harris/NSS.

Any pointers on what I'm doing wrong?  Read the FAQ already, is there
something else to read?

Thanks in advance.
-Alan
=============
Alan Sparks, Principal Network Analyst       <asparks@cpd.harris.com>
Harris Corporation, Camarillo CA                   (805) 389-2430