[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replication Log Problem



At 02:33 PM 2/13/01 +0800, Wilson KH Sheh wrote:


>I have setup openldap 2.0.7 on two Red Hat 7 servers, one as master and the
>other as slave.
>
>When I update in the slave,
>
>   ldapmodify -x -C -D "cn=Manager,dc=ccgo,dc=hksarg" -w secret -f a
>
>, the master was updated (i.e. referral works) but the slave was not. When I
>look at the reject log file, "invalid syntax" error occurred. Moreover, the
>replication log file (before I start the slurpd in master) is:
>
>replica: bplinux:389
>time: 982041728
>dn: cn=cho,dc=ccgo,dc=hksarg
>changetype: modify
>replace: UTITLE
>UTITLE: Mr.ChrisHo
>-
>replace: modifiersName
>modifiersName:: PGFub255bW91cz4=
>-
>replace: modifyTimestamp
>modifyTimestamp: 20010213052208Z
>-


% perl <<EOF
use MIME::Base64;
print decode_base64('PGFub255bW91cz4=') . "\n";
EOF
<anonymous>

You really shouldn't allow anonymous users to modify your
directory.

As far as putting <anonymous> in modifiersName, that's a
bug which is best fixed by completely disallowing anonymous
update.