
enough of replication problem.



Hello,
 
I have read enough and tried enough to make it work, but it doesn't work all the time.
My setup is here; I will appreciate a word of wisdom.
I have 2 machines: Machine A (Master LDAP) and Machine B (Slave LDAP).
 
Master LDAP:
replica host=pcNavYkfSupp1.ykf.navtechinc.com:389
        binddn="uid=replica,ou=ykfPeople,dc=navtechinc,dc=com"
        bindmethod=simple credentials=replica
 
Slave LDAP:
updatedn uid=replica,ou=ykfPeople,dc=navtechinc,dc=com"
updateref "ldap://pcNavYkfSupp2.navtechinc.com"
 
Both machines have the same LDAP version, openldap-2.0.27-2.7.3.
 
The issue is that when my LDAP tools, i.e. ldap.conf and smbldap-*.pl, point to the Master and I change the user attribute gecos using smbldap-usermodify.pl, it gets replicated to the Slave.
But if I change the password for a user, it doesn't get replicated; I get a rej log, which says insufficient access.
But when I point all LDAP tools to Machine B (Slave LDAP), no replication occurs, nothing; everything gets changed on Machine B but Machine A retains the old changes.

Here is my slapd.access on the Slave:
#This is ACL (Access Control List) for Slapd
access to dn=".*,dc=navtechinc,dc=com" attr=userPassword,ntPassword,lmPassword,smbHome,gecos
        by dn="cn=Manager,dc=navtechinc,dc=com" write
        by dn="uid=replica,ou=ykfPeople,dc=navtechinc,dc=com" write
        by self write
        by * auth
access to dn=".*,dc=navtechinc,dc=com" attr=mail
        by dn="cn=Manager,dc=navtechinc,dc=com" write
        by self write
        by * read

access to dn=".*,ou=ykf,dc=navtechinc,dc=com"
        by * read
access to dn=".*,dc=navtechinc,dc=com"
        by self write
        by * read

Master SLAPD access:
 
#This is ACL (Access Control List) for Slapd
access to dn=".*,dc=navtechinc,dc=com" attr=userPassword,ntPassword,lmPassword
        by dn="cn=Manager,dc=navtechinc,dc=com" write
        by self write
        by * auth
access to dn=".*,dc=navtechinc,dc=com" attr=mail
        by dn="cn=Manager,dc=navtechinc,dc=com" write
        by self write
        by * read
access to dn=".*,ou=ykf,dc=navtechinc,dc=com"
        by * read
access to dn=".*,dc=navtechinc,dc=com"
        by self write
        by * read

So I am not sure what's going on, whether it is a problem with the ACLs or the bind stuff is wrong.
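
Added example, not part of the original post: a small first-match evaluator for the slave ACL quoted above, listing which attributes the updatedn identity can and cannot write. It assumes the usual slapd order (first matching `access to` clause, then first matching `by` clause, implicit `none` otherwise) and unanchored regex DN matching; the entry DN `uid=jdoe,...` and the attribute name `exampleOtherAttr` are constructed placeholders.

```python
import re

BASE = r".*,dc=navtechinc,dc=com"
MANAGER = "cn=Manager,dc=navtechinc,dc=com"
REPLICA = "uid=replica,ou=ykfPeople,dc=navtechinc,dc=com"
ENTRY = "uid=jdoe,ou=ykfPeople,dc=navtechinc,dc=com"  # constructed sample entry

# Slave ACL from the post: (entry-DN regex, attribute set or None for all, by-clauses)
SLAVE_ACL = [
    (BASE, {"userpassword", "ntpassword", "lmpassword", "smbhome", "gecos"},
     [(MANAGER, "write"), (REPLICA, "write"), ("self", "write"), ("*", "auth")]),
    (BASE, {"mail"}, [(MANAGER, "write"), ("self", "write"), ("*", "read")]),
    (r".*,ou=ykf,dc=navtechinc,dc=com", None, [("*", "read")]),
    (BASE, None, [("self", "write"), ("*", "read")]),
]

def who_matches(who, bind_dn, entry_dn):
    """Match one 'by' subject: '*', 'self', or a DN regex."""
    if who == "*":
        return True
    if who == "self":
        return bool(bind_dn) and bind_dn.lower() == entry_dn.lower()
    return re.search(who, bind_dn, re.I) is not None

def granted(acl, bind_dn, entry_dn, attr):
    """Access level bind_dn gets on entry_dn/attr under first-match evaluation."""
    for dn_re, attrs, by_list in acl:
        if re.search(dn_re, entry_dn, re.I) is None:
            continue
        if attrs is not None and attr.lower() not in attrs:
            continue
        for who, level in by_list:
            if who_matches(who, bind_dn, entry_dn):
                return level
        return "none"  # implicit "by * none" ends every clause
    return "none"      # no clause matched the entry/attribute at all

def unwritable(acl, bind_dn, entry_dn, attrs):
    """Attributes in attrs that bind_dn may not write on entry_dn."""
    return [a for a in attrs if granted(acl, bind_dn, entry_dn, a) != "write"]

if __name__ == "__main__":
    attrs = ["userPassword", "ntPassword", "lmPassword", "gecos",
             "mail", "exampleOtherAttr"]  # last name is a placeholder
    for a in attrs:
        print(f"{a:18} {granted(SLAVE_ACL, REPLICA, ENTRY, a)}")
    print("replica cannot write:", unwritable(SLAVE_ACL, REPLICA, ENTRY, attrs))
```

Feeding it the attribute names from a rejected operation in the rej log shows whether any of them falls outside the clauses that grant the replica DN write.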
 

