referral/replication auth problem



Hi.

I'm running OpenLDAP 1.2.8 on two Solaris 7 boxes, set up as master and
slave.  I followed the admin guide and the FAQ.  Updates issued directly
to the master server work just fine and propagate to the slave, but
updates to the slave server don't work.  The problem, as I see it, is that
though I've authenticated with the slave server, that auth info hasn't
been passed on to the master when the referral is made.  The error I get
is:

ldap_modify: Insufficient access

I'm trying to modify my own record as myself.  I've tried as root.  All
appropriate settings are shared by both servers; the slave data is a
direct copy of the master data.

The relevant parts of the slapd.conf file for the slave server are:

referral "ldap://master.york.ac.uk/o=University of York,c=GB"
readonly on
updatedn "cn=Replicator,o=University of York,c=GB"
access to dn=".*,o=University of York,c=GB" 
        by self write
        by dn="cn=Replicator,o=University of York,c=GB" write
        by domain=.*\.york\.ac\.uk read

and the relevant parts of the master's slapd.conf are:

replica host=slave.york.ac.uk
                binddn="cn=Replicator,o=University of York,c=GB" 
                bindmethod=simple
                credentials=password
replogfile /var/ldap/replog
access to dn=".*,o=University of York,c=GB" 
        by self write
        by dn="cn=Replicator,o=University of York,c=GB" write
        by domain=.*\.york\.ac\.uk read

I'd be most grateful for any help.

Chris.