[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slurpd replication, "entryCSN: no user modification allowed"



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gavin White wrote:
| Kurt D. Zeilenga wrote:
|
|>>
|>> Snipped, from an earlier post:
|>>
|>> on the server, my slapd.conf has:
|>> rootdn          "uid=root,dc=mydomain,dc=com"
|>> replica         host=ldap://ldap2.mydomain.com:389
|>>               binddn="uid=root,dc=domain,dc=com"
|>>               bindmethod=simple credentials=mypassword
|>>
|>> On the slave (ldap2), it has:
|>> rootdn          "uid=root,dc=mydomain,dc=com"
|>> updatedn        "uid=root,dc=mydomain,dc=com"
|>
|>
|>
|> Note that your binddn != updatedn.  (Note as well that
|> the updatedn of the slave should not be same as the
|> rootdn of the master.)
|>
|> Kurt
|
|
| Typo.  On the actual server, bindn == rootdn.

But we want to know if binddn on the master is the same as the updatedn
on the slave (which isn't necessarily true if binddn==rootdn ...)

| Trust me, I've sat and
| stared at them, sdiff'ed the files, they are the same.

Post your config files, because this really looks like a
misconfiguration, and we can't help find the error if you don't post the
whole config files and insist that the most probably cause of the error
message is not the cause.

| I also tried creating a new user, and setting it as both updatedn and
| binddn.  I configured the slave ACL such that from the master, I was
| able to ldapadd -h <slave host> , binding as the new user.  However,
| slurpd returned 'invalid credentials'.  This is after copying and
| pasting the DN and password from the successful ldapadd into the binddn
| and updatedn lines in the conf files.

Hmm, this sounds like you have your bind password surrounded by single
quotes and not double quotes (or something like that).

But, the error you posted was not a bind error ... so I'm confused.
Which problem are we trying to solve here????

BTW, 2.1.22 sucked as a replica (in my experience).

Regards,
Buchan

- --
Buchan Milne                      Senior Support Technician
Obsidian Systems                  http://www.obsidian.co.za
B.Eng                                RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAwMTJrJK6UGDSBKcRAjQpAJ4ic7RgQCR/gi6PtDWJ6hccFysRmACfUFgz
wbM3IKomqt+6kzusI1rmFfw=
=tjF8
-----END PGP SIGNATURE-----